www.thecrimson.com Open in urlscan Pro
52.222.214.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Effective URL:
https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Submission: On October 03 via api (October 3rd 2022, 6:27:32 am UTC) from PL — Scanned from DE

Summary HTTP 194 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 52 domains to perform 194 HTTP transactions. The main IP is 52.222.214.30, located in United States and belongs to AMAZON-02, US. The main domain is www.thecrimson.com. The Cisco Umbrella rank of the primary domain is 333728.
TLS certificate: Issued by Amazon on September 30th 2022. Valid for: a year.

This is the only time www.thecrimson.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.222.214.30 52.222.214.30	16509 (AMAZON-02) (AMAZON-02)
10	13.224.189.115 13.224.189.115	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:889::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
6	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.231.198.144 54.231.198.144	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3034::ac43:9ef1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.69.141 2.18.69.141	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
16	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	3.68.42.108 3.68.42.108	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.71.169.66 3.71.169.66	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 19	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 3	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:9448:e453:d99b:3ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:225... 2600:9000:225e:7200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	52.58.8.248 52.58.8.248	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.85.196 35.156.85.196	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3 5	92.123.17.141 92.123.17.141	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.11.195.34 3.11.195.34	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
3	13.224.189.4 13.224.189.4	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.118 13.225.78.118	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
1	46.4.41.145 46.4.41.145	24940 (HETZNER-AS) (HETZNER-AS)
6	18.133.56.86 18.133.56.86	16509 (AMAZON-02) (AMAZON-02)
1	52.21.197.24 52.21.197.24	() ()
194	47

2 52.222.214.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-30.fra56.r.cloudfront.net

www.thecrimson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.224.189.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-115.fra2.r.cloudfront.net

static.thecrimson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:889::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.119.107 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.198.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::ac43:9ef1 (United States)

ASN13335 (CLOUDFLARENET, US)

adblockrelief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.69.141 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-141.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.42.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-42-108.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.149 (Portsmouth, United Kingdom) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9448:e453:d99b:3ba1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:7200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.8.248 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-8-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.85.196 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-85-196.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 92.123.17.141 (Vienna, Austria) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-141.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.11.195.34 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Amsterdam, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-4.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-118.fra2.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.134 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.133.56.86 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.197.24 (None, )

ASN- ()

emxhb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29897 ad4m.at — Cisco Umbrella Rank: 10156 assets.ad4m.at — Cisco Umbrella Rank: 37542	2 MB
39	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 ad.doubleclick.net — Cisco Umbrella Rank: 163	170 KB
24	googlesyndication.com 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	101 KB
12	thecrimson.com www.thecrimson.com — Cisco Umbrella Rank: 333728 static.thecrimson.com	243 KB
9	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 22113 api.webgains.io — Cisco Umbrella Rank: 59808	94 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 126281 static-de.ad4mat.net — Cisco Umbrella Rank: 172134	12 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	webgains.com track.webgains.com — Cisco Umbrella Rank: 49931	54 KB
4	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 16217	3 KB
4	adblockrelief.com adblockrelief.com	2 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1572 m.addthis.com — Cisco Umbrella Rank: 1510	142 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	158 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 288	2 KB
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 428	3 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439 ups.analytics.yahoo.com — Cisco Umbrella Rank: 282	1 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 573	1 KB
3	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 2400 e1.emxdgt.com — Cisco Umbrella Rank: 1184 emxhb.emxdgt.com	363 B
3	amazonaws.com s3.amazonaws.com	283 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 704 syndication.twitter.com — Cisco Umbrella Rank: 964	133 KB
3	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 2807	50 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 79626	699 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 78637	489 B
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69712	96 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 530	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 805 s.tribalfusion.com — Cisco Umbrella Rank: 2173	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 746 r.turn.com — Cisco Umbrella Rank: 3326	869 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 376	962 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 614	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3941	1 KB
2	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 537	239 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 344	529 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 441	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	222 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8962	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41 ajax.googleapis.com — Cisco Umbrella Rank: 284	36 KB
1	blau.de partner.blau.de — Cisco Umbrella Rank: 110030	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 83833	1 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1165	574 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 13202	551 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 68381	653 B
1	zenaps.com 1 redirects www.zenaps.com — Cisco Umbrella Rank: 19602	698 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 80410	518 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1523	584 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 712	443 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 598	654 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1755	325 B
1	gstatic.com fonts.gstatic.com	23 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 385	1 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 726	62 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	22 KB
194	52

	Domain	Requested by
19	cm.g.doubleclick.net	1 redirects 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
18	assets.ad4m.at	as.ad4m.at
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.thecrimson.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com as.ad4m.at ad4m.at
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
10	static.thecrimson.com	www.thecrimson.com static.thecrimson.com ajax.googleapis.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com www.googletagservices.com
6	api.webgains.io	analytics.webgains.io
4	ad.doubleclick.net	4 redirects
4	track.webgains.com	as.ad4m.at
4	www.awin1.com	2 redirects as.ad4m.at
4	www.google.com	tpc.googlesyndication.com 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
4	6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adblockrelief.com	www.thecrimson.com adblockrelief.com
4	www.googletagservices.com	www.thecrimson.com 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
3	analytics.webgains.io	track.webgains.com
3	x.bidswitch.net	3 redirects
3	static-de.ad4mat.net	as.ad4m.at
3	secure.adnxs.com	3 redirects
3	pixel-sync.sitescout.com	3 redirects
3	prod-rtb.ad4mat.net	www.thecrimson.com
3	s3.amazonaws.com	www.thecrimson.com
3	s7.addthis.com	www.thecrimson.com s7.addthis.com
3	biddr.brealtime.com	www.thecrimson.com biddr.brealtime.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	cdn.track.production.webgains.team	as.ad4m.at
2	sync.1rx.io	2 redirects
2	eb2.3lift.com	2 redirects
2	c1.adform.net	2 redirects
2	ads.creative-serving.com	2 redirects
2	sync-tm.everesttech.net	6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
2	ups.analytics.yahoo.com	2 redirects
2	match.adsrvr.org	6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
2	sync.mathtag.com	2 redirects
2	www.facebook.com	www.thecrimson.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.thecrimson.com www.google-analytics.com
2	connect.facebook.net	www.thecrimson.com connect.facebook.net
2	platform.twitter.com	www.thecrimson.com platform.twitter.com
2	www.thecrimson.com	ajax.googleapis.com
1	emxhb.emxdgt.com	biddr.brealtime.com
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	sync.targeting.unrulymedia.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com	6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	www.conrad.de	as.ad4m.at
1	www.zenaps.com	1 redirects
1	banner.congstar.de	as.ad4m.at
1	dsp.adfarm1.adition.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	e1.emxdgt.com	biddr.brealtime.com
1	ap.lijit.com	biddr.brealtime.com
1	hb.emxdgt.com	biddr.brealtime.com
1	syndication.twitter.com	platform.twitter.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	z.moatads.com	s7.addthis.com
1	cdn.optimizely.com	www.thecrimson.com
1	cdnjs.cloudflare.com	www.thecrimson.com
1	ajax.googleapis.com	www.thecrimson.com
1	fonts.googleapis.com	www.thecrimson.com
194	70

This site contains links to these domains. Also see Links.

Domain
subscribe.thecrimson.com
programs.thecrimson.com
store.thecrimson.com
www.printing.thecrimson.com

Subject Issuer	Validity	Valid
thecrimson.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.emxdgt.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Frame ID: EB85C961E565AF67DD0C433142E9B3A5
Requests: 63 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 30B8121DDFB273B37C0CC026120D4468
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6D779254DE2A2EEBDE0DB49AD1944305
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.thecrimson.com
Frame ID: F2DD0E64D8A2D5A064B8217FE66D9D11
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.js?nnn=1664778447044
Frame ID: 2E01943FAC76CA8D5E0EEAE2822B0F66
Requests: 2 HTTP requests in this frame

Frame: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FFC427B1997B1D4C9D57529FFAA1AC10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5984E9C3FDFCCB08913376ACDA174407
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0FC2B1C9100938580104186ED0AD0526
Requests: 2 HTTP requests in this frame

Frame: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 507CA192526DEED895D59E7599FE541B
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j486ygwx0meewd9hx4g8wykby3e24e1s5awj8r9y9hb1qj59a3r58jybpsfma685dvg17r8k1fran374817p01r8c8wa21ekf7ndd7mhd9pdbnwzchz4qxnre8s9qn6pqmhwr7jpyg7w7j4yyj2e0qey70s5s507fryg7qwnt557fz1jga50nw3pjvd54yymqqhr9ewd2jj3eh52npy36zh02dbjxkr116attc2t5a4v7bsepskpcy848htmz8gbfx4n7d74bad0n8w4n11mqmra4n2w1t598q3c8texyk6r4d6jvky66xb7qef224jsv580gf5a1say9g4ba9wmbpfybf77qfj0gyyz1938b51gn39xrcbqh3n1jfkdr5gmk7syk4y7v2ngfj6km97z19gcsj0r7k6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%26client%3Dca-pub-1333872326054146%26adurl%3D
Frame ID: 35DB42CA9F23B286C381885E9D09D833
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CCCCB24377432F5CD82199BBA1AB8352
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9E8B0C59F40AC792C834A81F67785140
Requests: 1 HTTP requests in this frame

Frame: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ECB17CA826E08DA957DC265D14B81D64
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hp24tqcs53p5aqc5mynqtggd4hf5fjjtaejkkz55qhy5b2y55zwvfv3238egab6veq6wdjjgwymh49gy8ty0baczev3s555n72fvnpc3rnssdqtk6f2wrmv1rhcdm5xx3y5th487g367nja0zad5gf1eat973938x4ffwmkb97xm7ws7n6z561cghjpjk6b5kpp95jbr67her8sksazhrjx2arf9vzpdy7yncttp25yvyepe997fe3bmr16j31fhfg71yhm46ygm9147hzvftq3jx5b4g4b88rctgpvhvkg1xmp59bxwrq35wkxzzeq4z11y9c6txp710s3bfz8410ja0qdqjvsxtfh9s105rqt2bdmxn28j2gx36t9bwze5desg6285pzp31tjhxe8mjkxd1qtkvj0zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%26client%3Dca-pub-1333872326054146%26adurl%3D
Frame ID: 8A3BB88190A70BDDC86BC071608F8878
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BC77E387BBAE457807E504848DE662A3
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Frame ID: A6ED6257942A48063868480FF9653183
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 81DA599C053D49E84F00204153DF2C66
Requests: 1 HTTP requests in this frame

Frame: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F7E3A0FC4AA7B59EB017C67BB300862B
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h2yjr18p2202zcte99as4snjv473y0nm3d49bzmjszgmqqh337d9x87z2c7k490xe45khvysvgfqk9ykb61py5x1849drpav0aq9wzg5m2t5t9mj3h9rhhxf2jdsmsrwmmat4v7vwhgdjb7sxwwd4ss555fw6h7zbttybn9j1e99ped2rtajp2kfm552pn2zrkc8nydafmps5x0csmc83nzyvdh7je6jykmrzsv5grarav0e62q3ycapqtjwygbvqcrnkmwcm9epk6h3cjyqj3wjcnshh6gc9r0zxemmb6hd625g1pdft4a5aqkyq542k44tn81xfkxdbk8njtv22waq1rzjhks3ma44xjsqtb5jywq8mjmrrpzq3pf457beb8zm8h9mq4cdqzbe8dkfgf4s6w9v36npr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%26client%3Dca-pub-1333872326054146%26adurl%3D
Frame ID: 0D795E609D7FEF3C237E7B5F7BA15464
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1E7E0353D95449A030F18F7D315E3F59
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Frame ID: 18BF6FD2DE7477529B005E362709B4AC
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 13149DEFBD9CCFEFACD5DB47D3637836
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Frame ID: 0CBDBB5C9AD67582293A95809DB430C9
Requests: 14 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 510428096951D5D8CD605859049B4953
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found | The Harvard CrimsonFacebookTwitterCopy Link

Detected technologies

AddThis (Widgets) Expand

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

194
Requests

88 %
HTTPS

43 %
IPv6

52
Domains

70
Subdomains

47
IPs

8
Countries

3993 kB
Transfer

6789 kB
Size

55
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.thecrimson.com/
Title: Subscriptions

Search URL Search Domain Scan URL

URL: http://programs.thecrimson.com/
Title: Journalism Programs

Search URL Search Domain Scan URL

URL: http://store.thecrimson.com/
Title: Photo Store

Search URL Search Domain Scan URL

URL: https://www.printing.thecrimson.com/
Title: Printing Services

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOGE6zJ1JJtetur8PCEIiBY&google_cver=1&google_push=AZmPxg8JFjZi0RjTKvw9JzV8BgCxc9er6sLH-Q2y2cGkHiuG2hMKsj_wChcRwZs07DfBmNa6gomFJFSPRrKAoLm2RxIf4jPQ2aKu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8JFjZi0RjTKvw9JzV8BgCxc9er6sLH-Q2y2cGkHiuG2hMKsj_wChcRwZs07DfBmNa6gomFJFSPRrKAoLm2RxIf4jPQ2aKu

Request Chain 85

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEM3_IKXvyXHo2XHaN78dRV4&google_cver=1&google_push=AZmPxg8rErG7FptzC0bwUNs51-U2gOsAxtYuzFF8ab7Yv5jkcI-j2s_sjSIJNB55xp1iqUvNOf9eOtkDAvBzSE6iznCffvcpNqbc HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEM3_IKXvyXHo2XHaN78dRV4&google_cver=1&google_push=AZmPxg8rErG7FptzC0bwUNs51-U2gOsAxtYuzFF8ab7Yv5jkcI-j2s_sjSIJNB55xp1iqUvNOf9eOtkDAvBzSE6iznCffvcpNqbc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=-fnrf8-ATY6RLtcb_oRtRGM6gNA

Request Chain 86

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAlSWO2NtG7vcsOG0oqelo0&google_cver=1&google_push=AZmPxg9g5mSX9gGySZX_F3ACguob-D9Ny7HYZOQ0zu_e9AFJVRGIS439Cfw6_yJy4YISdrnu-7rP9keOQCPhbgLU-6Pl2KgxXjc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9g5mSX9gGySZX_F3ACguob-D9Ny7HYZOQ0zu_e9AFJVRGIS439Cfw6_yJy4YISdrnu-7rP9keOQCPhbgLU-6Pl2KgxXjc&google_hm=MjY4OTYxOTcyMTM3MjQzMjk4OA%3D%3D

Request Chain 87

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOF7m7EQ9lYQ3JD-PT3_hqw&google_cver=1&google_push=AZmPxg9rLwf87zBf202H4Iru8PDs4Ppnu91-eDzt_GAPdTxJIDhsynrGuwH5E6Z9TMbNkwGkt44OZHjvpNRYKYRbNyYmMCkWhlgs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9rLwf87zBf202H4Iru8PDs4Ppnu91-eDzt_GAPdTxJIDhsynrGuwH5E6Z9TMbNkwGkt44OZHjvpNRYKYRbNyYmMCkWhlgs

Request Chain 88

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP2wsVnAewR66vczYyiEdHw&google_cver=1&google_push=AZmPxg8Ef67J4pMlWnPfsSWZG3nA11LSEmtjtIJYWjD3s5QapBlx3UOuhowkQqIJPbAk0mL2wcxmo_jHQYyYZdEfJD6ZjT9uPI_NbA HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP2wsVnAewR66vczYyiEdHw&google_cver=1&google_push=AZmPxg8Ef67J4pMlWnPfsSWZG3nA11LSEmtjtIJYWjD3s5QapBlx3UOuhowkQqIJPbAk0mL2wcxmo_jHQYyYZdEfJD6ZjT9uPI_NbA&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14VkYzQVVWRTJ1SGJlY2RoQzd5MThpNmxQN000cFRWaH5B&google_push=AZmPxg8Ef67J4pMlWnPfsSWZG3nA11LSEmtjtIJYWjD3s5QapBlx3UOuhowkQqIJPbAk0mL2wcxmo_jHQYyYZdEfJD6ZjT9uPI_NbA

Request Chain 89

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDcy4sZFD_kyrwDVpIP39Ss&google_cver=1&google_push=AZmPxg_xtp2BsrVP8bEKwU3968DpXXoM_7mhzzNWQaFsDt6sXphpy2Pej7i0PQq2XNJj0-JHnB9-MsBFhvFAKkEiNizx9mrfW0sd HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEDcy4sZFD_kyrwDVpIP39Ss%26google_cver%3D1%26google_push%3DAZmPxg_xtp2BsrVP8bEKwU3968DpXXoM_7mhzzNWQaFsDt6sXphpy2Pej7i0PQq2XNJj0-JHnB9-MsBFhvFAKkEiNizx9mrfW0sd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODAwOTI5MzExMjI4NzE4NzU3Ng%3D%3D&google_gid=CAESEDcy4sZFD_kyrwDVpIP39Ss&google_cver=1&google_push=AZmPxg_xtp2BsrVP8bEKwU3968DpXXoM_7mhzzNWQaFsDt6sXphpy2Pej7i0PQq2XNJj0-JHnB9-MsBFhvFAKkEiNizx9mrfW0sd

Request Chain 112

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEF2VobGcf4gtsMCTi032xXk&google_cver=1&google_push=AZmPxg96Ul_YsfmdJsbLoZr_x9pyDDqL0dLYaWrZUvpC2D0C0KnCTV6tAAmK6qcz1OVVRvZVfSW3ZBBhINVUJJ0X7-TCsH6DUadZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1MDE2ODk5MzU0MjEwOTMzMw%3D%3D&google_push=AZmPxg96Ul_YsfmdJsbLoZr_x9pyDDqL0dLYaWrZUvpC2D0C0KnCTV6tAAmK6qcz1OVVRvZVfSW3ZBBhINVUJJ0X7-TCsH6DUadZ

Request Chain 113

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIV6LgsNk_gPX0ITr1YtgjE&google_cver=1&google_push=AZmPxg9VVS-PoU9ak5tYShwlVRm5VgLBl-gZZ3gZmsLclt2ruPrCHMzJEHPR57zKZdHDYLsjFHH3d2vFiHbVx_7Cd481MK9rUnfJTg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIV6LgsNk_gPX0ITr1YtgjE&google_cver=1&google_push=AZmPxg9VVS-PoU9ak5tYShwlVRm5VgLBl-gZZ3gZmsLclt2ruPrCHMzJEHPR57zKZdHDYLsjFHH3d2vFiHbVx_7Cd481MK9rUnfJTg HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a1725583-c012-48bf-b099-7c9b519d0ba2 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a1725583-c012-48bf-b099-7c9b519d0ba2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=8c9095ec-b813-4b8a-9223-fb2ebb875b58&ssp=google&expires=30&user_group=5&bsw_param=a1725583-c012-48bf-b099-7c9b519d0ba2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9VVS-PoU9ak5tYShwlVRm5VgLBl-gZZ3gZmsLclt2ruPrCHMzJEHPR57zKZdHDYLsjFHH3d2vFiHbVx_7Cd481MK9rUnfJTg&google_hm=oXJVg8ASSL-wmXybUZ0Log==

Request Chain 114

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKqA4DRBCq1fRULRfRw-LCc&google_cver=1&google_push=AZmPxg__fcpfwM35CfBpb7-bJoJhyU2jPwQ-qUokM5ob2cWX9RXnOU8QH_bG1XhBZnDwLIPf23ZmGD3FkNNH8NZ3T6jar92IZNfIew HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKqA4DRBCq1fRULRfRw-LCc&google_cver=1&google_push=AZmPxg__fcpfwM35CfBpb7-bJoJhyU2jPwQ-qUokM5ob2cWX9RXnOU8QH_bG1XhBZnDwLIPf23ZmGD3FkNNH8NZ3T6jar92IZNfIew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyODEwODY2ODQ2MDY2NDMyMQ&google_push=AZmPxg__fcpfwM35CfBpb7-bJoJhyU2jPwQ-qUokM5ob2cWX9RXnOU8QH_bG1XhBZnDwLIPf23ZmGD3FkNNH8NZ3T6jar92IZNfIew

Request Chain 115

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFj5G_OLF4O8NCoNhsUouOE&google_cver=1&google_push=AZmPxg_onaKzKofKgZyErckYJSkpsjol97KvJVBm-H92j4t5kmLZ4SYa0Rhh4zIO6CnMbDP40bZhzhESG_jjpATO9Ph8UUjMUMNpXQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_onaKzKofKgZyErckYJSkpsjol97KvJVBm-H92j4t5kmLZ4SYa0Rhh4zIO6CnMbDP40bZhzhESG_jjpATO9Ph8UUjMUMNpXQ&google_gid=CAESEFj5G_OLF4O8NCoNhsUouOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM1MjU1Mjk1MTMxNjY0OTc5ODkzNQ%3D%3D&google_push=AZmPxg_onaKzKofKgZyErckYJSkpsjol97KvJVBm-H92j4t5kmLZ4SYa0Rhh4zIO6CnMbDP40bZhzhESG_jjpATO9Ph8UUjMUMNpXQ

Request Chain 116

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBibbsLDmExsgU9Qu9zKqdk&google_cver=1&google_push=AZmPxg_RsU3QOnHyMukvmobiglOuAJLcvW5j3-wR7AwWL3xkR5YicAB4rW65SfMhhfrINOtWT-K5tdApNB7VtEAH-WhZZ0tXs0SbprU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODAwOTI5MzExMjI4NzE4NzU3Ng%3D%3D&google_gid=CAESEBibbsLDmExsgU9Qu9zKqdk&google_cver=1&google_push=AZmPxg_RsU3QOnHyMukvmobiglOuAJLcvW5j3-wR7AwWL3xkR5YicAB4rW65SfMhhfrINOtWT-K5tdApNB7VtEAH-WhZZ0tXs0SbprU

Request Chain 125

https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1664778449_74820c51-42e4-11ed-bf79-22313f494a88

Request Chain 130

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=412871&pv=1&pref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=74828180-42e4-11ed-96b9-2237162cbb98&v=11354&r=412871&q=377133&s=2470167&viewref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1664778449_74828180-42e4-11ed-96b9-2237162cbb98&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 145

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFpcUXMf2DbUHFRkEDTJOfQ&google_cver=1&google_push=AZmPxg-c8fFTHOWD1hqBX7bVAU7RmJNwF_AqPAqJyBOnYahPaUq4z83Y-7gC0vKuxKTmQtutiw494Wpr1qFpkmqAJpO9MpB09659 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE4NjIxOTI5MTAxMTkwMjQzOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFpcUXMf2DbUHFRkEDTJOfQ&google_cver=1

Request Chain 146

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPcRbeB2Ttn0x1rbYyV3OQQ&google_cver=1&google_push=AZmPxg9zeWXzDk51tiej7pHuGNe429dIP93WKp_2h5VRwenOHDmsUTncqy7OSZeF115r0OYakqgVENxVMzttx5ZpOdfJ0yyNWnTb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9zeWXzDk51tiej7pHuGNe429dIP93WKp_2h5VRwenOHDmsUTncqy7OSZeF115r0OYakqgVENxVMzttx5ZpOdfJ0yyNWnTb

Request Chain 147

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG_zwgk6OSBmPV0FWwayxqU&google_cver=1&google_push=AZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQbo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQbo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG_zwgk6OSBmPV0FWwayxqU&google_cver=1&google_push=AZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQbo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQbo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 149

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJGw7EzoO8-5fAlo2FzuU4U&google_cver=1&google_push=AZmPxg_WQJZe5BbzjleRD-_c7Jqs1aJXw_jskQd7f-oMT72j96je_6sRWcgBnXEBMro2nLfqCEvEKRq0EgMDsLWdJfYmmpWwWvU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=-fnrf8-ATY6RLtcb_oRtRGM6gNA

Request Chain 150

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHwOFP3iVxW0Pn7FTAXdQu0&google_cver=1&google_push=AZmPxg9SITsiyIFsApHwfqZOO-GhV213A7vUPzfh8hK-4qvLSDr-3xKIs-pzlxQektZru0ADAs_4tNF2-Tj6sppq1BVZQlaIkKc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NhT04KlFT2WWokjICYId9g2&google_push=AZmPxg9SITsiyIFsApHwfqZOO-GhV213A7vUPzfh8hK-4qvLSDr-3xKIs-pzlxQektZru0ADAs_4tNF2-Tj6sppq1BVZQlaIkKc

Request Chain 151

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJG5XQzQSgM4GtqF11CEOMM&google_cver=1&google_push=AZmPxg8Yd2m1tTr_4Z8IEkTihxldiCUxPkcV5mkTuXUCSYmoNjXIh5EE3LxGbkcc8tB-dicB3YvNz-5deNpxPUxy08Sfpgz5Z8Mf HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg8Yd2m1tTr_4Z8IEkTihxldiCUxPkcV5mkTuXUCSYmoNjXIh5EE3LxGbkcc8tB-dicB3YvNz-5deNpxPUxy08Sfpgz5Z8Mf&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1664778449232 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-685fc331-9376-48bc-a315-9d296c310ba4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8Yd2m1tTr_4Z8IEkTihxldiCUxPkcV5mkTuXUCSYmoNjXIh5EE3LxGbkcc8tB-dicB3YvNz-5deNpxPUxy08Sfpgz5Z8Mf%26google_hm%3DA2hfwzGTdki8oxWdKWwxC6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8Yd2m1tTr_4Z8IEkTihxldiCUxPkcV5mkTuXUCSYmoNjXIh5EE3LxGbkcc8tB-dicB3YvNz-5deNpxPUxy08Sfpgz5Z8Mf&google_hm=A2hfwzGTdki8oxWdKWwxC6Q

Request Chain 180

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPaM84C3w_oCFamSdwodhMIA2Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022100308272977051021527X117679V1226132702MSviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&cons=0&spid=2022100308272977051021527X117679V1226132702MSviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&wfid=117679&partnerid=12218

Request Chain 183

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3DviewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMKN84C3w_oCFTPyuwgdbJcB9g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3DviewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022100308272977051021529X117663V1225131106MSviewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&cons=0

194 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request u003e. Show response
www.thecrimson.com/article/2022/6/1/draft-human-remains-report// 37 KB
8 KB 492ms
464ms Document
text/html 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 33a5c68fb1130aa7ecae696f94a5b4e31f4e6b87c369080a094556b376d694d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 7591
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 06:27:26 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
x-amz-cf-id: m2Job--bB3JHpKEwXrHyhi0Uo5lWYZ9WAiJduJlD_66u0cOAR6-BzQ==
x-amz-cf-pop: FRA56-P3
x-cache: Error from cloudfront

GET
H2 200 159197cf71ef.css
static.thecrimson.com/CACHE/css/ 103 KB
19 KB 62ms
8ms Stylesheet
text/css 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thecrimson.com/CACHE/css/159197cf71ef.css
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 159197cf71efd13e088af7cc36beeb3298011ba718eced0ef906e728ce49a4f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 22:00:28 GMT
content-encoding: gzip
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:11:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 30419
etag: W/"ca6dfa6629249198c77a2a0c72a817c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: -4ZjhKQRPdxM0MMHnhFdew0O7ameQWDkV6N90hR1FK2k6Ht4_h75kg==

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif|Vollkorn:400italic,700italic,400,700|Open+Sans:300,400,600|Lato:300,400,700|Lora:400,700,400italic

Requested by

Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

772ef9a3aeccda950aa61d162e8b5c72a8586e193fd1c61454937013383fdb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 06:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 06:27:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 06:27:26 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 94ms
23ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:12:55 GMT

GET
H2 200 lodash.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.10/ 71 KB
22 KB 36ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.10/lodash.min.js

Requested by

Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a21333ad7aad5cd5f8c23791930d503a18e6e4ecb9297566f11e6613682559

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2088442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21762
last-modified: Mon, 04 May 2020 16:12:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed2-11dc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SujfaPoKgYEQzQOonXf6w%2FVk12ezv9VmZoqlR3s35FBF8%2BcwaMoECcC1uEp1wKMYaaGo6IvyJdg7VyfNQFifMuxcBaDI5g83Z6JfesjrI4NviHJyzxZ4a9hG1XcGQOZx8O%2FUQ7ScXfuOyP5kLiww7RU1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75439cac1d3e926e-FRA
expires: Sat, 23 Sep 2023 06:27:26 GMT

GET
H2 200 b9e85d0c7453.js Show response
static.thecrimson.com/CACHE/js/ 46 KB
16 KB 61ms
9ms Script
application/javascript 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thecrimson.com/CACHE/js/b9e85d0c7453.js
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9e85d0c7453955051d39d63f3f0f35eccb9fcf3ca65023441c2c949466e135c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 09:43:37 GMT
content-encoding: gzip
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:11:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 74630
etag: W/"f06ee689fa70dbb0297f8372053d96f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QFfc9oi47O0C-_dsSqWQp5WdqT2OkcPa5QUFM2ZsjbeLHcmFdqFBJg==

GET
H2 200 3538141030.js Show response
cdn.optimizely.com/js/ 171 KB
62 KB 467ms
399ms Script
text/javascript 2a02:26f0:3500:889::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/3538141030.js

Requested by

Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:889::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

da25b533b1b3565ef1463a11bcd513d1bcbecb0730317464b80761911475f81e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
x-amz-version-id: qM70s3wam5CqWWumHujr4BCgC0rp1Eqk
content-encoding: gzip
date: Mon, 03 Oct 2022 06:27:27 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: ABA79419520E3663
x-amz-meta-revision: 42
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:3500:889::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 62210
x-amz-id-2: qFTpFz/51nR9hZBbR+oG2WBaI9ANWzzAj4FwSSHsixVLLR81xDNfYzwJolLaSUWdF60PpZ0eErQ=
last-modified: Sat, 29 Oct 2016 02:05:34 GMT
server: AmazonS3
etag: "330fe3e4b8651520ce50aeebc9ce4b7b"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK 16203539-1164.js Show response
biddr.brealtime.com/ 149 KB
48 KB 87ms
37ms Script
text/javascript 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/16203539-1164.js
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44108a8dc7b52da438d3b1655188863a84f2d21a029719879f5899dbba6697f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 06:27:26 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: 0SN45H1EJKY91V1J
Age: 1680
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 3Iqwk5zi2W4SzbUvxVqzIqTatzfmkzbCqpQsDOSUcfwDZjlYFE3d6PYJlFT9O+ywvVcyY9STjy8=
Last-Modified: Tue, 14 Jan 2020 20:05:51 GMT
Server: cloudflare
ETag: W/"6e887faf71e729eedab299c4992fbf79"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=60
CF-RAY: 75439cad4bfebbbc-FRA
Expires: Mon, 03 Oct 2022 06:28:26 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 34ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 06:27:26 GMT
Content-Encoding: gzip
Age: 1057
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/67BA)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 147ms
61ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae388e90d1d107bada200f4a5aed66e979bc034fa6ebe7c45aa3fbecdcde0e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27695
x-xss-protection: 0
server: sffe
etag: "1352 / 619 of 1000 / last-modified: 1664575578"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 03 Oct 2022 06:27:27 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 92ms
43ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 03 Oct 2022 06:27:26 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116423

GET
H2 200 header-logo.png
static.thecrimson.com/images/ 146 KB
147 KB 10ms
8ms Image
image/png 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thecrimson.com/images/header-logo.png
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 154d03f06417268a3786feb16ac77ea6b4fa6f59f0ff0cb80f67a538210c7019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 04:50:33 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:09:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 5814
etag: "3685c571b6d7795cc7c5e686995751cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 149819
x-amz-cf-id: N8Ubk1GEPR7n-FHFbCwRztTdLbNT9h6M2TivE7cFnQxMw2m6masseA==

GET
H2 200 menu.svg
static.thecrimson.com/images/ 606 B
936 B 10ms
8ms Image
image/svg+xml 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thecrimson.com/images/menu.svg
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71c9f1583a1a94b8a83d506514a0148091d90a3b03060023a86ee87503637282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:50:05 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:09:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 70642
etag: "e4d7edc4723933ecf96000bceadf7ce6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
content-length: 606
x-amz-cf-id: k2aI-E1auKOQhb4HBO2KzJ5irhCyAwSZd8Bskn0rVzYLGiHZUg1ujQ==

GET
H2 200 magnifying_glass.svg
static.thecrimson.com/images/ 256 B
587 B 10ms
9ms Image
image/svg+xml 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thecrimson.com/images/magnifying_glass.svg
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 135506671d5cd0a922a6fac7eba82c56b68da0466bdcf1d4397176baf1ebcd2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:50:05 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:09:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 70642
etag: "b9bc1a3e5343c4ac42eed3b9997dc709"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
content-length: 256
x-amz-cf-id: zdFdPZuQ0SLC6zSJo3aVIhIFNidjLL7IqLXtmBOy0Ip98yHKW0wqgA==

GET
H/1.1 200
OK 203844_1357950.gif.305x207_q95_crop-smart_upscale.png
s3.amazonaws.com/thumbnails.thecrimson.com/photos/2022/09/29/ 137 KB
138 KB 322ms
115ms Image
image/png 54.231.198.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/thumbnails.thecrimson.com/photos/2022/09/29/203844_1357950.gif.305x207_q95_crop-smart_upscale.png
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.198.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8e224966210917d8d56eafb234923d3c094c9176055ba209f859208376825180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 06:27:28 GMT
Last-Modified: Fri, 30 Sep 2022 02:57:37 GMT
Server: AmazonS3
x-amz-request-id: 7T4BZTF23G0CHRBX
ETag: "1a832f5e7c11e50d461bbd240141ad55"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 140456
x-amz-id-2: mYW7n37kYXyF8gXONlrbQc4XP15sqxvu18XyurPFqbgh4Fay9Vndm5wzF9YTpvc7fsYXwLyMeLE=

GET
H/1.1 200
OK 214500_1354100.gif.300x203_q95_crop-smart_upscale.png
s3.amazonaws.com/thumbnails.thecrimson.com/photos/2022/02/09/ 47 KB
47 KB 326ms
119ms Image
image/png 54.231.198.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/thumbnails.thecrimson.com/photos/2022/02/09/214500_1354100.gif.300x203_q95_crop-smart_upscale.png
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.198.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 43e07a3c03e67f1e83d5e5bd7e476215dda917eb601f87c5f3d09b966159be41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 06:27:28 GMT
Last-Modified: Thu, 10 Feb 2022 04:51:21 GMT
Server: AmazonS3
x-amz-request-id: 7T4CCBH4AV9453NV
ETag: "8cbe40acf8d4c9c9caecd80156918c1d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 48277
x-amz-id-2: iqf2wpKVJ3UmXJxF5Ic8tnlp3p+fRnmPM8njTCIYNGjN3g0altPaDjExLD2kDi9HEOkLQJBk+YU=

GET
H/1.1 200
OK 214558_1354101.gif.305x207_q95_crop-smart_upscale.png
s3.amazonaws.com/thumbnails.thecrimson.com/photos/2022/02/09/ 98 KB
98 KB 330ms
122ms Image
image/png 54.231.198.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/thumbnails.thecrimson.com/photos/2022/02/09/214558_1354101.gif.305x207_q95_crop-smart_upscale.png
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.198.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 108fda937a42c3a8a81aae1d03965b2b7b6757544cda51de51315e81af96fb24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 06:27:28 GMT
Last-Modified: Thu, 10 Feb 2022 04:51:20 GMT
Server: AmazonS3
x-amz-request-id: 7T4FSW2T7H6FCGGK
ETag: "4af2b4caa31dbb042b0d065c9a209833"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 99896
x-amz-id-2: I6tp4vtJ7OuTNzOp1GDNg3KSRjrcYOoTf09btHF4B8xvMmB/h4E/aX0k5MiKhGdB3/e6ly97jek=

GET
H2 200 a921e165669d.css
static.thecrimson.com/CACHE/css/ 2 KB
1 KB 9ms
8ms Stylesheet
text/css 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thecrimson.com/CACHE/css/a921e165669d.css
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a921e165669d51c0b581acdb4ab7e3887df67eef1f48809a295818648aefac9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:44:50 GMT
content-encoding: gzip
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:11:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 67357
etag: W/"781540462ddff9ac415b00ec4febc33e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: ApDVjdlzm15zB-p2VPVaSi9L2Fl8h03AOQSk_OmFjQC_I3A07H8bSA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 40ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Oct 2022 06:27:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rIQExC9FmqEMQoFIdD/YoOLccdosf3wKkdo5zaYXbQl7K90QPvN41LJb4iylbJGDqP2GtGFW/14y6eBg4j9/3A==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 05:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5127
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 03 Oct 2022 07:01:59 GMT

GET
H2 200 app.min.js Show response
adblockrelief.com/assets/js/ 991 B
979 B 176ms
99ms Script
application/javascript 2606:4700:3034::ac43:9ef1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adblockrelief.com/assets/js/app.min.js
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08d8552fc147313b0d75e0cd2b74a18782a4af87171c74062011db48aa81992f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 23 Jan 2018 14:33:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3df-16123705d70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guOcWh4sJpVk4UZpuxm1PhrwWei%2FmZ2ud7hj%2Buxm4M9Z2a%2FauJKyU%2F8kYq24tP2a%2BtzRVlgthF1bpyLvpgRLljSyAd%2BgZtOSVBAgNtCdMLEM%2FEWkmbJ4L6PJVft3sb4NY0Ad16FjuuTImFnMI2tBjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 75439cadae23929f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 80ms
18ms Script
application/x-javascript 2.18.69.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-141.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=20034
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H2 200 BigMoore-Regular.woff
static.thecrimson.com/fonts/ 31 KB
32 KB 43ms
22ms Font
application/font-woff 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thecrimson.com/fonts/BigMoore-Regular.woff?dab78451b9b2
Requested by: Host: static.thecrimson.com
URL: https://static.thecrimson.com/CACHE/css/159197cf71ef.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae86e060489a4d03d69290a066dd35500dce3eac8ecd484bce815f791deefbe7

Request headers

Referer: https://static.thecrimson.com/CACHE/css/159197cf71ef.css
Origin: https://www.thecrimson.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 00:30:36 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:10:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 21411
etag: "f213cb76548f65ab93d4ce7263027562"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: https://www.thecrimson.com
x-cache: Hit from cloudfront
access-control-allow-credentials: true
content-length: 32076
x-amz-cf-id: 5BpSRNb7mgK48Gp_xPqrsGp99X3F2l-ciqEEV7Vl62VYdeu6faW0kQ==

GET
H2 200 ColabLig-webfont.woff
static.thecrimson.com/fonts/ 16 KB
17 KB 32ms
12ms Font
application/font-woff 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thecrimson.com/fonts/ColabLig-webfont.woff?66d7c6b7e1a8
Requested by: Host: static.thecrimson.com
URL: https://static.thecrimson.com/CACHE/css/159197cf71ef.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee91b2d0975876da0981cade689a3577c943deee498f62bada6a65a630aa703a

Request headers

Referer: https://static.thecrimson.com/CACHE/css/159197cf71ef.css
Origin: https://www.thecrimson.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:14:52 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:10:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 755
etag: "333a60a4c869a98195c83dbb5458a6ff"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: https://www.thecrimson.com
x-cache: Hit from cloudfront
access-control-allow-credentials: true
content-length: 16804
x-amz-cf-id: GXfsRc053RZK6iHLyO1hpP9KZ3ZJbxpVxN-TAMblqCiONvwmVV-3_g==

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Vollkorn:400italic,700italic,400,700|Open+Sans:300,400,600|Lato:300,400,700|Lora:400,700,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thecrimson.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 479707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 17:12:19 GMT

GET Crimson-Roman-webfont.woff
static.thecrimson.com/fonts/ 0
0

GET
H2 200 ads.js Show response
static.thecrimson.com/js/ 43 B
453 B 21ms
21ms XHR
application/javascript 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thecrimson.com/js/ads.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f44e9fc3fd437708cb15104fb2bf44eb493003847a0eb2862aa15bba439cf63

Request headers

Accept: */*
Referer: https://www.thecrimson.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 15:23:56 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:09:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 54211
etag: "c2680dd63778c62b398debcc23d47fd5"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://www.thecrimson.com
x-cache: Hit from cloudfront
access-control-allow-credentials: true
content-length: 43
x-amz-cf-id: t9CUUUbv8c9P30HTAD63zg4cRbCBrTeUMQ2gbe4PYGJ4aqfpc82X8Q==

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/thecrimson/ 166 B
325 B 97ms
52ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/thecrimson/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=9, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 313ms
154ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=633a80cea3f57df0&bkl=0&bl=1&pdt=498&sid=633a80cea3f57df0&pub=thecrimson&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.thecrimson.com&fp=article%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664778446957&jsl=1&uvs=633a80cea253d6a9000&skipb=1&callback=addthis.cbs.jsonp__14906558829791040
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d4307104e0303e34e8e9cb0d569e9b1b2f09b5d7bbfab670461f957e8c7efe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:27 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 30B8 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 6D77 71 KB
26 KB 15ms
15ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thecrimson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Mon, 03 Oct 2022 06:27:26 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET Crimson-Roman-webfont.ttf
static.thecrimson.com/fonts/ 0
0

GET
H2 200 / Show response
www.thecrimson.com/interstitials/ad_600x500/ 3 KB
1 KB 492ms
491ms XHR
text/html 52.222.214.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thecrimson.com/interstitials/ad_600x500/
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-30.fra56.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dcd480e56c9da9de1cadb95971265cff3320fcc900d00c3a199ff141132d757e

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: gzip
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
content-length: 771
x-amz-cf-id: EufIVPmKZuDXV82_M0rArYU8jZHtA24l2nJef1O_1D1BZpiEt7izjQ==

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame F2DD 320 KB
104 KB 8ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.thecrimson.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.thecrimson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 289369
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Mon, 03 Oct 2022 06:27:27 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6776)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=352307090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20The%20Harvard%20Crimson&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=252532102&gjid=2064287681&cid=151258367.1664778447&tid=UA-327124-1&_gid=1423931104.1664778447&_r=1&_slc=1&z=534085545

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thecrimson.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 996622380431758 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 131ms
130ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/996622380431758?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2db3a108b27ca0b5f0444a46e3462472dfb49e3e2a98e6a00e0e985f4817310

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 03 Oct 2022 06:27:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZMgVNXAp+RAcDKIb/zm4hoEqOGMfxID5JUE7TVQFx6lbIqwwrnWYhuBbWXrxwXYUFKsYLST1MBZGRlwLJZUAjQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
biddr.brealtime.com/ Frame 2E01 641 B
936 B 246ms
246ms Script
application/javascript 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.js?nnn=1664778447044
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/16203539-1164.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cacbe8d075be5b96af1d81fa4753efcb5fdf25ae5acfbf8b6fe16fba1197eace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 06:27:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Tue, 11 Feb 2020 20:09:04 GMT
Server: cloudflare
x-amz-request-id: 7T4EZWVG5XXAE4VD
ETag: W/"81b479edefd671af66d52c0ad9347d68"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
Connection: keep-alive
CF-RAY: 75439cae0decbbbc-FRA
x-amz-id-2: Ek1SzlU61MTK/rnaB4BaInQm7rW37m7oxhgyDUET4h5aCTpLSlRISazH3HYjK6h+eIdDkMHcaKw=
Expires: Mon, 03 Oct 2022 07:27:27 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F2DD 770 B
645 B 288ms
114ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=17c16d71752f3371e6fde343f9d39d50e55542d7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.thecrimson.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

9ee10ccd9a93c142b161a6507a9f23cfcd9e279f6b6ae77f35c2fa5ad1d32deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 03 Oct 2022 06:27:26 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 03 Oct 2022 06:27:27 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 72dfc679dfd5649f
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 2ad91b16b5d5d98535e29f0b8a29cc9fa3dffde7e04d1b7f0466dbb973f0b26f
content-length: 323

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 10ms
10ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 03 Oct 2022 06:27:27 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-68f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

GET
H2 200 pubads_impl_2022092801.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
128 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 18:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130694
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 08:38:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 01 Oct 2023 18:29:02 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 141 B
742 B 42ms
19ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thecrimson.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b31c49facd821a229221d04676a760badcdb8b98a1fa4acdcd0252e4b370b633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Mon, 03 Oct 2022 06:27:27 GMT

POST
H3 200 1 Show response
adblockrelief.com/abr/submit/2RyykFJ6kZZC/v/ 4 B
480 B 201ms
187ms XHR
text/plain 2606:4700:3034::ac43:9ef1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adblockrelief.com/abr/submit/2RyykFJ6kZZC/v/1
Requested by: Host: adblockrelief.com
URL: https://adblockrelief.com/assets/js/app.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdc96ffbf256523aec8846ae56321053c7ab751c99eb766e6bb4a7d362a4f060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYOoWAKBwCt3Dm7bxMAFk73B7BrlCLEX3NrDbg1FFeqhnPGBwzRmYR16hl2bcDlRwldfWE7BExx0dikxvyv3w8lykEoFPwAaFQtarIj412CQXLmRvxbWSt2oMcKI5mzl2cx%2FQsUAx5Vq%2B20jLASjKA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.thecrimson.com
access-control-allow-credentials: true
cf-ray: 75439caea80e929f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ads.js Show response
adblockrelief.com/assets/js/abr/ads/ 31 B
561 B 196ms
183ms Script
application/javascript 2606:4700:3034::ac43:9ef1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adblockrelief.com/assets/js/abr/ads/ads.js
Requested by: Host: adblockrelief.com
URL: https://adblockrelief.com/assets/js/app.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61595e7e3de6ff0c94157a7782af57f1d0d0f6ac84bd4bb53a6c219427348760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 08 Dec 2017 15:35:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1f-16036c4bfc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XeQJjZyNIUIyTeWpKq5zOj%2FhaLOEILe0BGAvyRrcTlOe%2FdtrpSKgGGlUq32Cqcpfp4uAq5Ly2Tv%2FOnTNwnNZkDvJFqFojASW2qhOd8BluMNbmhD106GZEaLLIPq7JnrAebYXNFhnVe829Zk2QqsNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75439caeabc09b70-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31

GET
H3 200 safe.js Show response
adblockrelief.com/assets/js/abr/ 34 B
529 B 201ms
188ms Script
application/javascript 2606:4700:3034::ac43:9ef1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adblockrelief.com/assets/js/abr/safe.js
Requested by: Host: adblockrelief.com
URL: https://adblockrelief.com/assets/js/app.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ef1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd2db56f58de72cabd6c091404572b2500378bec771ee08873052fe45e615cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 08 Dec 2017 15:02:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"22-16036a5cde0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ec7VS9NBACSSKk21ISZcCUWwDbJo5rxsOAC%2BL8I9qZVU4w9eS5qM7qMAIHegSYsTDfCZCGVAJY0JxFJi4Daysf9%2Bg%2BCO7%2BoH2TSgEK6x6734Xewujg4mp9nklDSm3TpP2JQFOFlndQ2BvLeCdGvbiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75439caeabc39b70-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 131ms
49ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thecrimson.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 127ms
47ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thecrimson.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 657 B
406 B 566ms
546ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=1110368269283756&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_ATF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=1518167480&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1664778447229&lmt=1664778447&dlt=1664778446715&idt=469&adxs=436&adys=174&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=740x102&msz=728x-1&fws=0&ohw=0&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d32e6efe1da352df9282e8769be7dd2c1630b30f5e168010d6824a1055dee55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 456 B
280 B 216ms
198ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=1110368269283756&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_AllPositions_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=2&adks=2192721787&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1664778447237&lmt=1664778447&dlt=1664778446715&idt=469&adxs=972&adys=591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=312x612&msz=300x-1&fws=0&ohw=0&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

288501f8b9d4de0d43d1cd85d582d0f63612cc53dbce9663e42fd039550eaf58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 453 B
277 B 746ms
728ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=1110368269283756&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_ATF_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=2310517307&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1664778447239&lmt=1664778447&dlt=1664778446715&idt=469&adxs=972&adys=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=312x262&msz=300x-1&fws=0&ohw=0&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb781db79756e57eb7bc118b50bae77cbd0376cd76ded38c9f64bb6a9b278d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 447 B
272 B 463ms
445ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=1110368269283756&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_BTF_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=378089528&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1664778447242&lmt=1664778447&dlt=1664778446715&idt=469&adxs=972&adys=1590&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=312x262&msz=300x-1&fws=0&ohw=0&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

369a6df3e18b8e561053fdb248d70c23ac8c3842a5f795d2a9d3292891043894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 445 B
274 B 349ms
331ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=1110368269283756&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_BTF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=1556939419&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1664778447246&lmt=1664778447&dlt=1664778446715&idt=469&adxs=436&adys=1896&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=740x102&msz=728x-1&fws=0&ohw=0&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a18ad459290eb68105bb8d27dc3d4473883401dd85102db59a07c7ed48c5c7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FFC4 6 KB
4 KB 192ms
15ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thecrimson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:27 GMT
expires: Tue, 03 Oct 2023 06:27:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 / Show response
hb.emxdgt.com/ 0
161 B 57ms
11ms XHR
text/plain 3.68.42.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1500&ts=1664778447266&src=pbjs
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/16203539-1164.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.42.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-42-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thecrimson.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thecrimson.com
date: Mon, 03 Oct 2022 06:27:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 23 B
654 B 173ms
43ms XHR
application/json 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.12.0
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/16203539-1164.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: c8615e326d4c95779a3e715c06e4ca263897cbcc5c74e665dc14c82d33c2687e

Request headers

Referer: https://www.thecrimson.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
pod: X-Sovrn-Pod: ad_ap6ams1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.thecrimson.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 23

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 42ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996622380431758&ev=PageView&dl=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&rl=&if=false&ts=1664778447275&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664778447275.473271883&it=1664778447027&coo=false&rqm=GET

Requested by

Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 06:27:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 204 / Show response
e1.emxdgt.com/sync/ Frame 2E01 0
55 B 63ms
7ms Script
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.emxdgt.com/sync/
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/check.js?nnn=1664778447044
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:26 GMT
content-length: 0
content-type: text/html

GET
H2 200 2285484070a3.css
static.thecrimson.com/CACHE/css/ 1 KB
828 B 27ms
26ms Stylesheet
text/css 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thecrimson.com/CACHE/css/2285484070a3.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2285484070a3565f8f1c5657521163294178999c9bf004e774fcf7d491776657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 22:00:30 GMT
content-encoding: gzip
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 20:11:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 30418
etag: W/"c9bf60e099a5116b6e3771025d50cd34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: OpvmB2Y-lnWjza778uWN_8M0O3LGkiq3gkyoE3zxCBMLEpCWeGnA1g==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 164ms
125ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b8bdccffc2e33e37900a181bfad479783315cf9c329eeeaad2370c4cd7c2f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11321
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 215ms
134ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 06:27:27 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 18ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996622380431758&ev=Microdata&dl=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&rl=&if=false&ts=1664778447780&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20not%20found%20%7C%20The%20Harvard%20Crimson%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.thecrimson.com%2Fimages%2Fseal.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664778447275.473271883&it=1664778447027&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 03 Oct 2022 06:27:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5984 13 KB
5 KB 80ms
25ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thecrimson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 318921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 13:52:06 GMT
expires: Fri, 29 Sep 2023 13:52:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0FC2 783 B
1 KB 44ms
19ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa4a257ca69f8db5f5477afc2d5c8284ae8d6fa52a8bd7aebfcd7369264f159e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Emca4hGoa_XrP764V_E8eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thecrimson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Emca4hGoa_XrP764V_E8eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:27 GMT
expires: Mon, 03 Oct 2022 06:27:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0FC2 0
0 59ms
42ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092801&jk=4328281532519187&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5984 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 20:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 20:44:18 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5984 0
10 B 25ms
25ms Image
text/plain 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?R0zjrg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thecrimson.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 92ms
45ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thecrimson.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 428 B
261 B 262ms
261ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=2863165175756773&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_ATF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&adks=1518167480&sfv=1-0-38&ris=1&rcs=1&fsapi=false&eri=1&sc=1&cookie=ID%3D04127161d9756777-2297297f39ce002b%3AT%3D1664778447%3AS%3DALNI_MbBDO90EVNKeDRa0n7R75W1TWgi0A&abxe=1&dt=1664778448464&lmt=1664778448&dlt=1664778446715&idt=469&adxs=436&adys=174&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=740x12&msz=728x-1&fws=128&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e31335460f6af889baff20bbe814999bd158feb6dae84b21aff7952b19957b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 163ms
161ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=2863165175756773&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_BTF_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=1556939419&sfv=1-0-38&ris=1&rcs=1&fsapi=false&eri=1&sc=1&cookie=ID%3D04127161d9756777-2297297f39ce002b%3AT%3D1664778447%3AS%3DALNI_MbBDO90EVNKeDRa0n7R75W1TWgi0A&abxe=1&dt=1664778448467&lmt=1664778448&dlt=1664778446715&idt=469&adxs=436&adys=977&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=740x12&msz=728x-1&fws=128&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2babad32e124615c3cb67966dd65360024e74fc00aeb96dd2f22eb0a95211a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11666
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
267 B 504ms
502ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=2863165175756773&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_AllPositions_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=8&adks=2192721787&sfv=1-0-38&ris=1&rcs=1&fsapi=false&eri=1&sc=1&cookie=ID%3D04127161d9756777-2297297f39ce002b%3AT%3D1664778447%3AS%3DALNI_MbBDO90EVNKeDRa0n7R75W1TWgi0A&abxe=1&dt=1664778448471&lmt=1664778448&dlt=1664778446715&idt=469&adxs=972&adys=501&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=312x12&msz=300x-1&fws=128&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de603f0d1ad5e210f31eb70b0362301c363a312bf47391ff728c50a533e95fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 633ms
631ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=2863165175756773&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_ATF_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&adks=2310517307&sfv=1-0-38&ris=1&rcs=1&fsapi=false&eri=1&sc=1&cookie=ID%3D04127161d9756777-2297297f39ce002b%3AT%3D1664778447%3AS%3DALNI_MbBDO90EVNKeDRa0n7R75W1TWgi0A&abxe=1&dt=1664778448474&lmt=1664778448&dlt=1664778446715&idt=469&adxs=972&adys=899&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=312x12&msz=300x-1&fws=128&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c21269b18f8c76740a71759fdd6ab0041b63857c1955ad6761d930f4a5000003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11948
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 406ms
404ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=2863165175756773&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2CTheCrimson_AllArticles_BTF_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&adks=378089528&sfv=1-0-38&ris=1&rcs=1&fsapi=false&eri=1&sc=1&cookie=ID%3D04127161d9756777-2297297f39ce002b%3AT%3D1664778447%3AS%3DALNI_MbBDO90EVNKeDRa0n7R75W1TWgi0A&abxe=1&dt=1664778448478&lmt=1664778448&dlt=1664778446715&idt=469&adxs=972&adys=921&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=312x12&msz=300x-1&fws=128&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

009545a63301070f7daa29bbc68e2e7172a8cb251cd9b5894338d5a57199a95e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11766
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 403 B
246 B 275ms
273ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4328281532519187&correlator=2863165175756773&eid=31068457%2C31068498%2C31070024%2C31069354%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fif&iu_parts=1046082%2C1x1_ad_unit&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=11&adks=3832109050&sfv=1-0-38&fsapi=false&eri=1&sc=1&cookie=ID%3D04127161d9756777-2297297f39ce002b%3AT%3D1664778447%3AS%3DALNI_MbBDO90EVNKeDRa0n7R75W1TWgi0A&abxe=1&dt=1664778448483&lmt=1664778448&dlt=1664778446715&idt=469&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thecrimson.com%2Farticle%2F2022%2F6%2F1%2Fdraft-human-remains-report%2F%2Fu003e.&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=151258367.1664778447&ga_sid=1664778447&ga_hid=352307090&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da664629253dbbd7a5261262a6e63f2b0108ab32eadebc8707be53622e0bb7e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thecrimson.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092801&jk=4328281532519187&bg=!1Nel15PNAAYQgTJdMIE7ACkAdvg8Wr1E1-dbwBfq32Y3z7KA7G6HoHlz43pa_F5TMAI9AmqG2IYG8QIAAABOUgAAAANoAQcKAEl8-Qs3yFX3fvu7SabYQQ5IeFi0XjQTA_oN0ICnQRRuD_Rfxr2Q_jTV38uxmX5O0802Odv1kLQmiha6NIRJuD-rLP2RUJ8u2qXimQK8P2bqYk1Qrt-PTeJDccOE-CbbaxaiudmC8wiZnthpEWIUKfIA3SKtmrbF4n6bYO-5k5-heefI6R89lrLYV4EHDzRzSzh41sTpoP1lFPsGiE1euOoAMb81w0v8MKrPUK3b3Z8JyBu_FAllDzDn8c4_4lRmH4eGK2wMG7dJWOIOwxNQO6SZEo8sWcjnyG7SRBKmAgbpErKj8i9vFqf7mEv39EsPHgSiX9hMjtSw51s92h2enQQo_9X5iNI1yJ1rJflOhkiUB_H5DiNHSd8jrNbYuU3H3UNI91YI-lV_mYOKSIxGzXye7iIPGea3uPnuCv1EPSAy00wQ0A5lCRPz2EYnj1HGgc14KRZQDjMayK_x6hmzZGW_kScp4Y_euQqiRMlXsiQ5eWUGoK1cmm24UYdZknHKuXWB9ippMC9tSUykZs5EVWNIIqau6NzpEwU5O17cVVkMyjD3RCXpf4tVBorS58nOswaGCuOJOMmwCl3k7xGbmmECFFGd7iv59XTYsNgrgw19hgCGW01VTpl4ArEG64XsNfcZ8f6fvR1awmnaL-p6DCqwcMSbgYzdYVs2ht2QvpH4Z5DY4tS5hqcKARujuGo525uRcmi2xfefy3st6b05g1oy_6lup8OS6v-1R7oOoDJ3g381YzP2B0RIB6JC71GJEqXUeeuGvfaqOKPbgZrDfBu6zT-FioIeesfuB2G6XtC6fqST9dkkfA3wWWM_P-02IPexGjLyoPV42ANxMA9O9EIdxXvSQ6Cu8BqmysydW1Fi_jVJWo9P2zAPZ6AJ8wuvZhQ4-7HhMgvvBlmp-wQ3U0h1EWyZohrWLNIorJKTxDV0Uq6zcMfmowZ7aRJmuts9q52yT6XzmE8sJ0HxM9SZHzwoPmAtzu8dQTHOmn9CqG-l1tCQtc6u9p4kZ9QemCS3hQCkLC5a7cPRaA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thecrimson.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 container.html Show response
6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 507C 6 KB
3 KB 25ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thecrimson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:27 GMT
expires: Tue, 03 Oct 2023 06:27:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 507C 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWeoq0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBM4CT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhEPxA13o6sPzEdMj-2tKQO14ofLAebHjomVXwKlvj0jEgNti2c-U-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMzMzODcyMzI2MDU0MTQ2GJKnCA&sigh=_TyAwPQWP6s&uach_m=[UACH]&cid=CAQSOwCsnQUxlB3-Yn1Kvdu5SO3Sa5Og9uFhXTRCZ-2okbURSRo4oVQneEKj-A2IbFO-S7nvcwb8fBehqyRsGAEgEw
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 507C 0
0 47ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gsp8vf7b2jqydasasz16rfpeg6zhyxtgday6c8h8ef4pa3dydydr95xtpvz545nsqb6v5a3jhjj8877jakge7kynr9t64s61nyx1zfrjv25mmka57pcx8kc13a5yy1vz63e5xstgdm53xanny7jn4w8hzjegffk74zz4yaj2mn07d10s03rnak70dd968qqrjnb12tmegtrpve338fwdhm15y8c0nk09e9t494a946zk0zhhpf2cxex75z17kb2fthqvfjcsg3b2j799rzvxwrcbqzfnxgkyjf7z9p03ems4z4s7dzjygrtwhp9fzv9490apn3jn651acn8h32pcrycewn2r90x9fjw7yt516j2addjwyawswgwd9tb5fg5ya25kp8v4ry9y98n4d58qzt4mm&b=YzqA0AAH7aAIu8cyAAO7lHuSeDtpypZkfb1H3w
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 06:27:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 35DB 2 KB
3 KB 72ms
36ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j486ygwx0meewd9hx4g8wykby3e24e1s5awj8r9y9hb1qj59a3r58jybpsfma685dvg17r8k1fran374817p01r8c8wa21ekf7ndd7mhd9pdbnwzchz4qxnre8s9qn6pqmhwr7jpyg7w7j4yyj2e0qey70s5s507fryg7qwnt557fz1jga50nw3pjvd54yymqqhr9ewd2jj3eh52npy36zh02dbjxkr116attc2t5a4v7bsepskpcy848htmz8gbfx4n7d74bad0n8w4n11mqmra4n2w1t598q3c8texyk6r4d6jvky66xb7qef224jsv580gf5a1say9g4ba9wmbpfybf77qfj0gyyz1938b51gn39xrcbqh3n1jfkdr5gmk7syk4y7v2ngfj6km97z19gcsj0r7k6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%26client%3Dca-pub-1333872326054146%26adurl%3D

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

451eb7c2fc3f17fd7234a9172dcdd9b95767d98145bebded7d366c8ce8526ce6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75439cb89e549b77-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:28 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 507C 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 06:13:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CCCC 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Mon, 03 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 507C 17 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 06:19:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 507C 0
0 32ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7OYDrKrnRFcv4NZBN9q0OZQ7tbqXCOKmyV0G8_sD_sntQTWw_5Vt_Rz9QJK2R37if1sGnWprHgrqdg-ORoSkBfhtJ-Q
Requested by: Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 507C 22 KB
7 KB 27ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 15:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Sep 2023 15:28:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 507C 140 KB
44 KB 213ms
164ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 06:27:28 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCCC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOGE6zJ1JJtetur8PCEIiBY&google_cver=1&google_push=AZmPxg8JFjZi0RjTKvw9JzV8BgCxc9er6sLH-Q2y2cGkHiuG2hMKsj_wChcRwZs07DfBmNa6gomFJFSPRrKAoLm2...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8JFjZi0RjTKvw9JzV8BgCxc9er6sLH-Q2y2cGkHiuG2hMKsj_wChcRwZs07DfBmNa6gomFJFSPRrKAoLm2RxIf4jPQ2aKu

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8JFjZi0RjTKvw9JzV8BgCxc9er6sLH-Q2y2cGkHiuG2hMKsj_wChcRwZs07DfBmNa6gomFJFSPRrKAoLm2RxIf4jPQ2aKu

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 03 Oct 2022 06:27:29 GMT
Server: MT3 4525 e1952b7 master zrh-pixel-x13 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8JFjZi0RjTKvw9JzV8BgCxc9er6sLH-Q2y2cGkHiuG2hMKsj_wChcRwZs07DfBmNa6gomFJFSPRrKAoLm2RxIf4jPQ2aKu
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 Oct 2022 06:27:28 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CCCC 70 B
265 B 111ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEm1D7o-UPiRegXbXW2Eg9g&google_cver=1&google_push=AZmPxg88D_XZl1TmjzVMZt1hioZY4QizsdELv3V8qxMFe84NlIbE3d6HFLAaTAWQ6GeJFph0SAqKRX8djlZXzy2A1p8rJHqIs26i
Requested by: Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Oct 2022 06:27:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCCC
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEM3_IKXvyXHo2XHaN78dRV4&google_cver=1&google_push=AZmPxg8rErG7FptzC0bwUNs51-U2gOsAxtYuzFF8ab7Yv5jkcI-j2s_sjSIJNB55xp1iqUvNOf9eOtk...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEM3_IKXvyXHo2XHaN78dRV4&google_cver=1&google_push=AZmPxg8rErG7FptzC0bwUNs51-U2gOsAxtYuzFF8ab7Yv5jkcI-j2s_sjSIJNB55xp1iq...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=-fnrf8-ATY6RLtcb_oRtRGM6gNA

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=-fnrf8-ATY6RLtcb_oRtRGM6gNA

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:27 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=-fnrf8-ATY6RLtcb_oRtRGM6gNA
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCCC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAlSWO2NtG7vcsOG0oqelo0&google_cver=1&google_push=AZmPxg9g5mSX9gGySZX_F3ACguob-D9Ny7HYZOQ0zu_e9AFJVRGIS439Cfw6_yJy4YISdrnu-7rP9keOQCPhbgLU-6Pl2Kg...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9g5mSX9gGySZX_F3ACguob-D9Ny7HYZOQ0zu_e9AFJVRGIS439Cfw6_yJy4YISdrnu-7rP9keOQCPhbgLU-6Pl2KgxXjc&google_hm=MjY4OTYxOTcyMTM3MjQzMjk...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9g5mSX9gGySZX_F3ACguob-D9Ny7HYZOQ0zu_e9AFJVRGIS439Cfw6_yJy4YISdrnu-7rP9keOQCPhbgLU-6Pl2KgxXjc&google_hm=MjY4OTYxOTcyMTM3MjQzMjk4OA%3D%3D

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Oct 2022 06:27:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9g5mSX9gGySZX_F3ACguob-D9Ny7HYZOQ0zu_e9AFJVRGIS439Cfw6_yJy4YISdrnu-7rP9keOQCPhbgLU-6Pl2KgxXjc&google_hm=MjY4OTYxOTcyMTM3MjQzMjk4OA%3D%3D
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CCCC
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOF7m7EQ9lYQ3JD-PT3_hqw&google_cver=1&google_push=AZmPxg9rLwf87zBf202H4Iru8PDs4Ppnu91-eDzt_GAPdTxJIDhsynrGuwH5E6Z9TMbNkwGkt44OZHjvpNRYKYRb...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9rLwf87zBf202H4Iru8PDs4Ppnu91-eDzt_GAPdTxJIDhsynrGuwH5E6Z9TMbNkwGkt44OZHjvpNRYKYRbNyYmMCkWhlgs

170 B
329 B

21ms
20ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9rLwf87zBf202H4Iru8PDs4Ppnu91-eDzt_GAPdTxJIDhsynrGuwH5E6Z9TMbNkwGkt44OZHjvpNRYKYRbNyYmMCkWhlgs

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Oct 2022 06:27:28 GMT
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P4
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9rLwf87zBf202H4Iru8PDs4Ppnu91-eDzt_GAPdTxJIDhsynrGuwH5E6Z9TMbNkwGkt44OZHjvpNRYKYRbNyYmMCkWhlgs
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: pey1Z9Ssa65g_m4zOFrww1EynP04JNXPtTD4o_4kFYFoBZQwWo24RA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCCC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP2wsVnAewR66vczYyiEdHw&google_cver=1&google_push=AZmPxg8Ef67J4pMlWnPfsSWZG3nA11LSEmtjtIJYWjD3s5QapBlx3UOuhowkQqIJPbAk0mL2wc...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP2wsVnAewR66vczYyiEdHw&google_cver=1&google_push=AZmPxg8Ef67J4pMlWnPfsSWZG3nA11LSEmtjtIJYWjD3s5QapBlx3UOuhowkQqIJPbAk0mL2wc...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14VkYzQVVWRTJ1SGJlY2RoQzd5MThpNmxQN000cFRWaH5B&google_push=AZmPxg8Ef67J4pMlWnPfsSWZG3nA11LSEmtjtIJYWjD3s5QapBlx3UOuh...

170 B
188 B

34ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14VkYzQVVWRTJ1SGJlY2RoQzd5MThpNmxQN000cFRWaH5B&google_push=AZmPxg8Ef67J4pMlWnPfsSWZG3nA11LSEmtjtIJYWjD3s5QapBlx3UOuhowkQqIJPbAk0mL2wcxmo_jHQYyYZdEfJD6ZjT9uPI_NbA

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS14VkYzQVVWRTJ1SGJlY2RoQzd5MThpNmxQN000cFRWaH5B&google_push=AZmPxg8Ef67J4pMlWnPfsSWZG3nA11LSEmtjtIJYWjD3s5QapBlx3UOuhowkQqIJPbAk0mL2wcxmo_jHQYyYZdEfJD6ZjT9uPI_NbA
date: Mon, 03 Oct 2022 06:27:28 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCCC
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDcy4sZFD_kyrwDVpIP39Ss&google_cver=1&google_push=AZmPxg_xtp2BsrVP8...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEDcy4sZFD_kyrwDVpIP39Ss%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODAwOTI5MzExMjI4NzE4NzU3Ng%3D%3D&google_gid=CAESEDcy4sZFD_kyrwDVpIP39Ss&google_cver=1&google_push=AZmPxg_xtp2BsrVP8bEKwU3968DpXXoM_7...

170 B
188 B

38ms
21ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODAwOTI5MzExMjI4NzE4NzU3Ng%3D%3D&google_gid=CAESEDcy4sZFD_kyrwDVpIP39Ss&google_cver=1&google_push=AZmPxg_xtp2BsrVP8bEKwU3968DpXXoM_7mhzzNWQaFsDt6sXphpy2Pej7i0PQq2XNJj0-JHnB9-MsBFhvFAKkEiNizx9mrfW0sd

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Oct 2022 06:27:28 GMT
AN-X-Request-Uuid: e10a3307-0692-4453-a437-632d91d4507f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODAwOTI5MzExMjI4NzE4NzU3Ng%3D%3D&google_gid=CAESEDcy4sZFD_kyrwDVpIP39Ss&google_cver=1&google_push=AZmPxg_xtp2BsrVP8bEKwU3968DpXXoM_7mhzzNWQaFsDt6sXphpy2Pej7i0PQq2XNJj0-JHnB9-MsBFhvFAKkEiNizx9mrfW0sd
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CCCC 0
232 B 51ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ICSV0xSdHFMeFVduklUysU2HI7IqKlFmtGbyTCMh1-dnlh07590D77vpcsz-mqWEEKZFU5pIs

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 507C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39c752717c6618d660c98c2f1aaa097ad8b7ee7bf3ce16f284a7c9b1009850fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 35DB 85 KB
11 KB 35ms
26ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j486ygwx0meewd9hx4g8wykby3e24e1s5awj8r9y9hb1qj59a3r58jybpsfma685dvg17r8k1fran374817p01r8c8wa21ekf7ndd7mhd9pdbnwzchz4qxnre8s9qn6pqmhwr7jpyg7w7j4yyj2e0qey70s5s507fryg7qwnt557fz1jga50nw3pjvd54yymqqhr9ewd2jj3eh52npy36zh02dbjxkr116attc2t5a4v7bsepskpcy848htmz8gbfx4n7d74bad0n8w4n11mqmra4n2w1t598q3c8texyk6r4d6jvky66xb7qef224jsv580gf5a1say9g4ba9wmbpfybf77qfj0gyyz1938b51gn39xrcbqh3n1jfkdr5gmk7syk4y7v2ngfj6km97z19gcsj0r7k6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%26client%3Dca-pub-1333872326054146%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j486ygwx0meewd9hx4g8wykby3e24e1s5awj8r9y9hb1qj59a3r58jybpsfma685dvg17r8k1fran374817p01r8c8wa21ekf7ndd7mhd9pdbnwzchz4qxnre8s9qn6pqmhwr7jpyg7w7j4yyj2e0qey70s5s507fryg7qwnt557fz1jga50nw3pjvd54yymqqhr9ewd2jj3eh52npy36zh02dbjxkr116attc2t5a4v7bsepskpcy848htmz8gbfx4n7d74bad0n8w4n11mqmra4n2w1t598q3c8texyk6r4d6jvky66xb7qef224jsv580gf5a1say9g4ba9wmbpfybf77qfj0gyyz1938b51gn39xrcbqh3n1jfkdr5gmk7syk4y7v2ngfj6km97z19gcsj0r7k6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%26client%3Dca-pub-1333872326054146%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 576611
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75439cb8e82e9142-FRA
expires: 0

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 35DB 36 KB
13 KB 37ms
25ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j486ygwx0meewd9hx4g8wykby3e24e1s5awj8r9y9hb1qj59a3r58jybpsfma685dvg17r8k1fran374817p01r8c8wa21ekf7ndd7mhd9pdbnwzchz4qxnre8s9qn6pqmhwr7jpyg7w7j4yyj2e0qey70s5s507fryg7qwnt557fz1jga50nw3pjvd54yymqqhr9ewd2jj3eh52npy36zh02dbjxkr116attc2t5a4v7bsepskpcy848htmz8gbfx4n7d74bad0n8w4n11mqmra4n2w1t598q3c8texyk6r4d6jvky66xb7qef224jsv580gf5a1say9g4ba9wmbpfybf77qfj0gyyz1938b51gn39xrcbqh3n1jfkdr5gmk7syk4y7v2ngfj6km97z19gcsj0r7k6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%26client%3Dca-pub-1333872326054146%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 503226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7cpPMVB5Tig7xPrRzoE%2F4ndbrdGN8%2BCo%2FNhk1fO0fGpCwkKI9FGWRHhlenfehXXRhVuy3%2FM%2FHzpELEqZ862nWkSKo4iXQOMRSzuHn6BnG45H1uzUryms4QM7FxtYQKpUaxVnOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 75439cb8ff1c9b77-FRA
expires: Wed, 21 Sep 2022 13:12:03 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 35DB 3 KB
4 KB 96ms
52ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18713479
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUQbDSp%2BpOifoKrSx3KiSHK%2BNGBBaerhgxN6bsX1HaecVzYUxvOzKSh0nLxiXTvKZYF4ZuBPtXkamxy56qLbtWTSehg7cZk6eAhXXkKSzKPa%2FWyoBqi4B5u38lm2EmO3XdrEPKfxBRBWje1cg7fxyFyt"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 75439cb97b6b90c6-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 9E8B 2 KB
1 KB 22ms
22ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 642136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 75439cb938ad9142-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 06:27:28 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUl23w4Md6Wl7qa1MwRUrVE%2B8rZZew7Vbwk8zxkYMKY3A0RvL19jtbSW57mQPc7rStG1yN6%2BPe%2FzTY1RSV9r8yCtt2ATFz0Oc%2F67riB2%2FJzgS8QvcvMyumfBlej8HHe8MaRUtjg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 35DB 2 KB
2 KB 67ms
67ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0784841a8a45958776decba467621a03c9144f89b5cf36fef0a8dabce2899c1d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0K8mbyJIUoIjtFhl01fwJ8fZCV8FYgHRrYHWJjyYcU5DqzgD2hEWvAc07J%2BF32d79r7gFttsPY7Oh3KfV2tG1r798CsjPbjMy6fFS8y73WvbFgZb8LJVYqUwCO0Aol1%2BqCXPASY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 75439cb9b88b6939-FRA
x-backend-server: aa-reachservice-group-europe-west1-46ds
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 52ms
39ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75439cb978136939-FRA
content-length: 24
content-type: text/plain
date: Mon, 03 Oct 2022 06:27:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ja0ws0ITNBcSeTYvoi5VzRcrPEbdnV3ksVPJAMUfvb73RIb5b962SJI3o21ACVxfpVd0UWqZBFc58j%2FD%2BdQcu6t3I2UARrO0rPldRB8yjLWXqVvdZaeoyTnlSSJWDAAA4%2FnMD7Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-46ds

GET
H3 200 container.html Show response
6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ECB1 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thecrimson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:27 GMT
expires: Tue, 03 Oct 2023 06:27:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame ECB1 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrMcE0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNMCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvL3Pi9L2bsNII1MhVvubo__kTIFQjdr56DxVIk0lisMWGJbJU8VE4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMzMzODcyMzI2MDU0MTQ2GJKnCA&sigh=GfjPdjprsYI&uach_m=[UACH]&cid=CAQSOwCsnQUx9-efNHU9QxOcOU66L1_QCbmtlxDVSkSdN-wPIrANrZR0mw8zxEFnEzBYaq6Cx6ihBzf0BUIiGAEgEw
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame ECB1 0
0 35ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jjm5b8hmevq9vwgzva5e9r6byxw623781srszb36c0se9a4xv1j7jjbdc05kg03fbpvr9t1rxz0rh48tz564ap8fh62rane2afmb2kp9nn37qa5n30qqesh7750ncvbr90yzr6y10ny2kcxf7revm1jh0ydt1349f9pdkh2c16ghgcxwsr2g21vjxebtwdqh4qh25e8gn0xhvnx7r6ctdc69b0gwwkbt905ttjvbw25e726fcfdkjsbz8jhsh7mt6qhaw17bvbfd03h2yfr3sfxxs3qg9zjtz3fvp9xz02c016aw1h041jw3rk9z8tmthgm5d7xt6kgfwpfr6aysxn1csfrg69gns08dhxfewy95q6rdcy9dp314gtrcf6v9h1rvhx776hb88qvdypf12g9wm&b=YzqA0AALTHQIu8GaAAAxh08Hq-JvJDcr20Bc-w
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 06:27:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 8A3B 2 KB
3 KB 26ms
26ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hp24tqcs53p5aqc5mynqtggd4hf5fjjtaejkkz55qhy5b2y55zwvfv3238egab6veq6wdjjgwymh49gy8ty0baczev3s555n72fvnpc3rnssdqtk6f2wrmv1rhcdm5xx3y5th487g367nja0zad5gf1eat973938x4ffwmkb97xm7ws7n6z561cghjpjk6b5kpp95jbr67her8sksazhrjx2arf9vzpdy7yncttp25yvyepe997fe3bmr16j31fhfg71yhm46ygm9147hzvftq3jx5b4g4b88rctgpvhvkg1xmp59bxwrq35wkxzzeq4z11y9c6txp710s3bfz8410ja0qdqjvsxtfh9s105rqt2bdmxn28j2gx36t9bwze5desg6285pzp31tjhxe8mjkxd1qtkvj0zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%26client%3Dca-pub-1333872326054146%26adurl%3D

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bcf7e9c3ef9cf80315bb2674174e4de9db9f62a02e2df09f8991d1c1a151a0e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75439cb9b9809142-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:28 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame ECB1 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 06:13:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BC77 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Mon, 03 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame ECB1 17 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 06:19:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ECB1 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZ6LKRe_01QBDDIedm64fs1MtK4CFgIpleLUCVQO7YooqxfZKmG7LAlnnrCb4ifADK0sNYTzJZDpCMqwB-OK0PYEi4aQ
Requested by: Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame ECB1 22 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 15:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Sep 2023 15:28:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECB1 140 KB
44 KB 98ms
97ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 06:27:28 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 8A3B 85 KB
11 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hp24tqcs53p5aqc5mynqtggd4hf5fjjtaejkkz55qhy5b2y55zwvfv3238egab6veq6wdjjgwymh49gy8ty0baczev3s555n72fvnpc3rnssdqtk6f2wrmv1rhcdm5xx3y5th487g367nja0zad5gf1eat973938x4ffwmkb97xm7ws7n6z561cghjpjk6b5kpp95jbr67her8sksazhrjx2arf9vzpdy7yncttp25yvyepe997fe3bmr16j31fhfg71yhm46ygm9147hzvftq3jx5b4g4b88rctgpvhvkg1xmp59bxwrq35wkxzzeq4z11y9c6txp710s3bfz8410ja0qdqjvsxtfh9s105rqt2bdmxn28j2gx36t9bwze5desg6285pzp31tjhxe8mjkxd1qtkvj0zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%26client%3Dca-pub-1333872326054146%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hp24tqcs53p5aqc5mynqtggd4hf5fjjtaejkkz55qhy5b2y55zwvfv3238egab6veq6wdjjgwymh49gy8ty0baczev3s555n72fvnpc3rnssdqtk6f2wrmv1rhcdm5xx3y5th487g367nja0zad5gf1eat973938x4ffwmkb97xm7ws7n6z561cghjpjk6b5kpp95jbr67her8sksazhrjx2arf9vzpdy7yncttp25yvyepe997fe3bmr16j31fhfg71yhm46ygm9147hzvftq3jx5b4g4b88rctgpvhvkg1xmp59bxwrq35wkxzzeq4z11y9c6txp710s3bfz8410ja0qdqjvsxtfh9s105rqt2bdmxn28j2gx36t9bwze5desg6285pzp31tjhxe8mjkxd1qtkvj0zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%26client%3Dca-pub-1333872326054146%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 576611
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75439cba1a439142-FRA
expires: 0

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 8A3B 36 KB
13 KB 23ms
23ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hp24tqcs53p5aqc5mynqtggd4hf5fjjtaejkkz55qhy5b2y55zwvfv3238egab6veq6wdjjgwymh49gy8ty0baczev3s555n72fvnpc3rnssdqtk6f2wrmv1rhcdm5xx3y5th487g367nja0zad5gf1eat973938x4ffwmkb97xm7ws7n6z561cghjpjk6b5kpp95jbr67her8sksazhrjx2arf9vzpdy7yncttp25yvyepe997fe3bmr16j31fhfg71yhm46ygm9147hzvftq3jx5b4g4b88rctgpvhvkg1xmp59bxwrq35wkxzzeq4z11y9c6txp710s3bfz8410ja0qdqjvsxtfh9s105rqt2bdmxn28j2gx36t9bwze5desg6285pzp31tjhxe8mjkxd1qtkvj0zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%26client%3Dca-pub-1333872326054146%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 503226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy7yCcsIa%2F%2FBtsnyoPBqC4A7OlyAob9255NbostgGN6%2BatUuuInu%2Bqq4hVr2yVgJcwfdCc1w%2BKjyYbQw0iXYv0D3SnGk92ED9C1ZnelZfWZYA5sCSmm51%2FkJlI4SA8YNPuu44jo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 75439cba1a489142-FRA
expires: Wed, 21 Sep 2022 13:12:03 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame BC77 0
178 B 81ms
7ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECPumutiwKGM2fmXZ_J_guw&google_cver=1&google_push=AZmPxg_CVPE7VA2Fo9oeQW6e43jSO1sPDnXkm3he0Ymuw4wfilkAJ06FWavZsw0aHlnzTPUrZuPGUlF6oTN_8HmfisoBkG4JJrhA
Requested by: Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664778449.055848,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4052-HHN

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BC77 70 B
264 B 34ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKvgtrdXR-Lnlf_3ODALkHc&google_cver=1&google_push=AZmPxg_9TX4zUZ1PVWeSKoRcF6nm69FNx75q-REeYLRsL77Lp8U7BDk3IqYlCbT8NCLtb5TFhDEPMeVw1eOwslpPGS7_YukfaZf3eg
Requested by: Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Oct 2022 06:27:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC77
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEF2VobGcf4gtsMCTi032xXk&google_cver=1&google_push=AZmPxg96Ul_YsfmdJsbLoZr_x9pyDDqL0dLYaWrZUvpC2D0C0KnCTV6tAAmK6qcz1OVVRvZVfSW3ZBBhINVUJJ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1MDE2ODk5MzU0MjEwOTMzMw%3D%3D&google_push=AZmPxg96Ul_YsfmdJsbLoZr_x9pyDDqL0dLYaWrZUvpC2D0C0KnCTV6tAAmK6qcz1OVVRvZVfSW3ZBBhINVUJJ0X7-...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1MDE2ODk5MzU0MjEwOTMzMw%3D%3D&google_push=AZmPxg96Ul_YsfmdJsbLoZr_x9pyDDqL0dLYaWrZUvpC2D0C0KnCTV6tAAmK6qcz1OVVRvZVfSW3ZBBhINVUJJ0X7-TCsH6DUadZ

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1MDE2ODk5MzU0MjEwOTMzMw%3D%3D&google_push=AZmPxg96Ul_YsfmdJsbLoZr_x9pyDDqL0dLYaWrZUvpC2D0C0KnCTV6tAAmK6qcz1OVVRvZVfSW3ZBBhINVUJJ0X7-TCsH6DUadZ
Date: Mon, 03 Oct 2022 06:27:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC77
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIV6LgsNk_gPX0ITr1YtgjE&google_cver=1&google_push=AZmPxg9VVS-PoU9ak5tYShwlVRm5VgLBl-gZZ3gZmsLclt2ruPrCHMzJEHPR57zKZdHDYLsjFHH3d2vFiHbVx_7Cd481...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIV6LgsNk_gPX0ITr1YtgjE&google_cver=1&google_push=AZmPxg9VVS-PoU9ak5tYShwlVRm5VgLBl-gZZ3gZmsLclt2ruPrCHMzJEHPR57zKZdHDYLsjFHH3d2vFiHbVx_...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a1725583-c012-48bf-b099-7c9b519d0ba2
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a1725583-c012-48bf-b099-7c9b519d0ba2
https://x.bidswitch.net/sync?dsp_id=4&user_id=8c9095ec-b813-4b8a-9223-fb2ebb875b58&ssp=google&expires=30&user_group=5&bsw_param=a1725583-c012-48bf-b099-7c9b519d0ba2
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9VVS-PoU9ak5tYShwlVRm5VgLBl-gZZ3gZmsLclt2ruPrCHMzJEHPR57zKZdHDYLsjFHH3d2vFiHbVx_7Cd481MK9rUnfJTg&google_hm=oXJVg8ASSL-wmXybUZ0Log==

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9VVS-PoU9ak5tYShwlVRm5VgLBl-gZZ3gZmsLclt2ruPrCHMzJEHPR57zKZdHDYLsjFHH3d2vFiHbVx_7Cd481MK9rUnfJTg&google_hm=oXJVg8ASSL-wmXybUZ0Log==

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9VVS-PoU9ak5tYShwlVRm5VgLBl-gZZ3gZmsLclt2ruPrCHMzJEHPR57zKZdHDYLsjFHH3d2vFiHbVx_7Cd481MK9rUnfJTg&google_hm=oXJVg8ASSL-wmXybUZ0Log==
Date: Mon, 03 Oct 2022 06:27:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC77
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKqA4DRBCq1fRULRfRw-LCc&google_cver=1&google_push=AZmPxg__fcpfwM35CfBpb7-bJoJhyU2jPwQ-qUokM5ob2cWX9RXnOU8QH_bG1XhBZnDwLIPf23ZmGD3F...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKqA4DRBCq1fRULRfRw-LCc&google_cver=1&google_push=AZmPxg__fcpfwM35CfBpb7-bJoJhyU2jPwQ-qUokM5ob2cWX9RXnOU8QH_bG1XhBZnDwLIPf23Z...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyODEwODY2ODQ2MDY2NDMyMQ&google_push=AZmPxg__fcpfwM35CfBpb7-bJoJhyU2jPwQ-qUokM5ob2cWX9RXnOU8QH_bG1XhBZnDwLIPf23ZmGD...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyODEwODY2ODQ2MDY2NDMyMQ&google_push=AZmPxg__fcpfwM35CfBpb7-bJoJhyU2jPwQ-qUokM5ob2cWX9RXnOU8QH_bG1XhBZnDwLIPf23ZmGD3FkNNH8NZ3T6jar92IZNfIew

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyODEwODY2ODQ2MDY2NDMyMQ&google_push=AZmPxg__fcpfwM35CfBpb7-bJoJhyU2jPwQ-qUokM5ob2cWX9RXnOU8QH_bG1XhBZnDwLIPf23ZmGD3FkNNH8NZ3T6jar92IZNfIew
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC77
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFj5G_OLF4O8NCoNhsUouOE&google_cver=1&google_push=AZmPxg_onaKzKofKgZyErckYJSkpsjol97KvJVBm-H92j4t5kmLZ4SYa0Rhh4zIO6CnMbDP40bZhzhESG_jjpATO9Ph8UUjMUM...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_onaKzKofKgZyErckYJSkpsjol97KvJVBm-H92j4t5kmLZ4SYa0Rhh4zIO6CnMbDP40bZhzhESG_jjpATO9Ph8UUjMUMN...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM1MjU1Mjk1MTMxNjY0OTc5ODkzNQ%3D%3D&google_push=AZmPxg_onaKzKofKgZyErckYJSkpsjol97KvJVBm-H92j4t5kmLZ4SYa...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM1MjU1Mjk1MTMxNjY0OTc5ODkzNQ%3D%3D&google_push=AZmPxg_onaKzKofKgZyErckYJSkpsjol97KvJVBm-H92j4t5kmLZ4SYa0Rhh4zIO6CnMbDP40bZhzhESG_jjpATO9Ph8UUjMUMNpXQ

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM1MjU1Mjk1MTMxNjY0OTc5ODkzNQ%3D%3D&google_push=AZmPxg_onaKzKofKgZyErckYJSkpsjol97KvJVBm-H92j4t5kmLZ4SYa0Rhh4zIO6CnMbDP40bZhzhESG_jjpATO9Ph8UUjMUMNpXQ
date: Mon, 03 Oct 2022 06:27:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC77
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBibbsLDmExsgU9Qu9zKqdk&google_cver=1&google_push=AZmPxg_RsU3QOnHyM...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODAwOTI5MzExMjI4NzE4NzU3Ng%3D%3D&google_gid=CAESEBibbsLDmExsgU9Qu9zKqdk&google_cver=1&google_push=AZmPxg_RsU3QOnHyMukvmobiglOuAJLcvW...

170 B
188 B

21ms
21ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODAwOTI5MzExMjI4NzE4NzU3Ng%3D%3D&google_gid=CAESEBibbsLDmExsgU9Qu9zKqdk&google_cver=1&google_push=AZmPxg_RsU3QOnHyMukvmobiglOuAJLcvW5j3-wR7AwWL3xkR5YicAB4rW65SfMhhfrINOtWT-K5tdApNB7VtEAH-WhZZ0tXs0SbprU

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Oct 2022 06:27:28 GMT
AN-X-Request-Uuid: 3aa8b4fc-4625-4974-adce-270779a18e29
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODAwOTI5MzExMjI4NzE4NzU3Ng%3D%3D&google_gid=CAESEBibbsLDmExsgU9Qu9zKqdk&google_cver=1&google_push=AZmPxg_RsU3QOnHyMukvmobiglOuAJLcvW5j3-wR7AwWL3xkR5YicAB4rW65SfMhhfrINOtWT-K5tdApNB7VtEAH-WhZZ0tXs0SbprU
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BC77 0
12 B 18ms
17ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAXIVd20MFbW786tuhDWeHFcXdcyH-Th848Q1evOP61UBdNoJqtANqmc1tGH90v6kjm9R_mg

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A6ED 11 KB
5 KB 37ms
36ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

885191ca01c508f7bef9bae610662414b50d0ea463c2dd14f5cdd941a781dd78

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j486ygwx0meewd9hx4g8wykby3e24e1s5awj8r9y9hb1qj59a3r58jybpsfma685dvg17r8k1fran374817p01r8c8wa21ekf7ndd7mhd9pdbnwzchz4qxnre8s9qn6pqmhwr7jpyg7w7j4yyj2e0qey70s5s507fryg7qwnt557fz1jga50nw3pjvd54yymqqhr9ewd2jj3eh52npy36zh02dbjxkr116attc2t5a4v7bsepskpcy848htmz8gbfx4n7d74bad0n8w4n11mqmra4n2w1t598q3c8texyk6r4d6jvky66xb7qef224jsv580gf5a1say9g4ba9wmbpfybf77qfj0gyyz1938b51gn39xrcbqh3n1jfkdr5gmk7syk4y7v2ngfj6km97z19gcsj0r7k6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%26client%3Dca-pub-1333872326054146%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75439cba3a729142-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame ECB1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 670d84d462cd09b62f679048163d7a4a811c95c62e90261cfef22b8baeb891bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8A3B 3 KB
4 KB 32ms
19ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21674945
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5L0UTrIMggudO1PPmHx4GOG1uqevHPCVv3hfjXfCq%2BAYMt%2FKfEUbH1rFbueofZKQSQOCGEAI1lNi5WSj%2FlZF71Ivn99fRPyE5zBwUGiU01vpaymvZP4mqewvVC12wbZi0RnzaCWDnljpt1%2FZk1RA3if"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 75439cba68b59205-FRA
expires: Wed, 25 Jan 2023 09:38:24 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 81DA 2 KB
1 KB 23ms
23ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 642137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 75439cba6ac69142-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 06:27:29 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdp%2BzGfD8XU24IZSfK9dLBFV5PVk3JgCfYBG2bMcAAxw9YFrniAvPdfjTMqxyTiGtRSD7EZEZn7sQSxa%2BxC%2FGAgo%2FC%2BJXilwpzwlF3TaLsqqbaeI%2FExdw2XZcKmfFcHW%2BPlGj7E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame A6ED 85 KB
11 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 576612
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75439cba9b349142-FRA
expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame A6ED 8 KB
9 KB 39ms
30ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515799
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a42JdI30xHogq4oVlkqjpZBpf05xdwNRSe84DhGtgLVm8610LV31QhG1L%2FIqZPc2bauFQXix5DhsCR%2FlZB2Ow%2Fioze%2Bwfvu06VQvp1NJkpvOOQkaKFvvzjsAqXQVT46NrWt7HFNBn7UlDrgk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbaaac99b77-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H2 200 18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame A6ED 317 KB
318 KB 19ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 817321
cf-polished: origFmt=png, origSize=451997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 324760
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Jun 2022 08:21:28 GMT
server: cloudflare
etag: "7dada3f3f6321a7ee4badc53b11da1f3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDMhRqyrJI%2F35ga2Li9uiZAkgQBAouk8oM5viE%2BYiSIzfanESW0AZAB%2BCoU3fBgGFqK196eQ2wZSOnJ5u0ZPTznKxQufFkiLV37Ri6LMjIcQhQOCZqA41IB3trqGsFprFukIxKDowupJo13u"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbabacf9b77-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame A6ED
Redirect Chain

https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1664778449_74820c51-42e4-11ed-bf79-22313f494a88

0
518 B

56ms
12ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1664778449_74820c51-42e4-11ed-bf79-22313f494a88
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Oct 2022 06:27:28 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Mon, 03 Oct 2022 06:27:29 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1664778449_74820c51-42e4-11ed-bf79-22313f494a88
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame A6ED 38 KB
38 KB 26ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 817489
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXR7oxastpe6C0vssYPr%2Bkx04iPt48fSeIufgEhSrHYtkLCBwjH7NQq0uJD0Ht%2BmBW5uvfiWV2SoabgjcK3CRDTmDWL0XKn8v04RS2JEgbX2FZRifnmy%2FIzicwo1M3CVi1CD6dPe0nFwVFup"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbabad29b77-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame A6ED 84 KB
84 KB 27ms
25ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2634873
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEaR0EVaW%2B%2FvSUF03ImJz1rTs25bcGT6cI0rb1LzUfnsLOrf7If6IJFNZeUtqAnmB6umhcKWzLOcgAgKLB7ejxPaibCbIaI5nsRKOk2Idu40700AREl4fLjIn8nj8RmsSrY%2Ft7DvZgjhTLcw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbabad39b77-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame A6ED 16 KB
16 KB 26ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 817432
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4teHewiuxtJ5CcRpR%2F4Mf1toICPm2yeVXFPUk6ZXunpi5Er1tQVrWB0CP5w79KthjTzGWLVEkbTk8nQPiQiBm1Wpy4XcLS0ULgxu%2FnMsmhGO1rrG6RLdEIWaXLP9F5uLSIKpH3BvM0I0tZZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbabad49b77-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame A6ED 222 KB
222 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1579804
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTIhPkO7lADpgb7Ia6PyVq801uuO97HiRS2G0unDeDxW6jnORcb32vtjT%2FmDLh3J4eMSErw0Nr4woofej4mprCa%2Bii284jTPFaeYSs7syie7t3SCntfWOL0ve%2BeCe7BQ20dBvzSDdjNxPAht"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbabad69b77-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame A6ED
Redirect Chain

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=412871&pv=1&pref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.zenaps.com/cshow.php?pvr=74828180-42e4-11ed-96b9-2237162cbb98&v=11354&r=412871&q=377133&s=2470167&viewref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&pv=1&gdpr=0&...
https://www.conrad.de/ztpv.php?awc=11354_412871_1664778449_74828180-42e4-11ed-96b9-2237162cbb98&insert=AW&&gdpr=0&gdpr_consent=

0
653 B

78ms
43ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1664778449_74828180-42e4-11ed-96b9-2237162cbb98&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
via: 1.1 varnish (Varnish/6.6)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 953542922
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=a526be2993f20710
cf-ray: 75439cbd5bb19b49-FRA
expires: -1

Redirect headers

Date: Mon, 03 Oct 2022 06:27:29 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1664778449_74828180-42e4-11ed-96b9-2237162cbb98&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 8A3B 2 KB
2 KB 38ms
38ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc8ac71c1f2bc81aeb2c6be92bbf8a50a64d7f7357f25f9dee8d75ffb5ba1655

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfE0a36dqJVHJvT0Ye7wzVfrXmrwr2FhLilvguBMi%2F2Mo%2Fvsx5keM%2FzsdtI88uEjr9c3vhLj5Two3G2w%2F93d%2F0GIwuQSuVlUDw3cBDgayyXviz3hu4yNX4PDCrHN6dpAVSlu1UI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 75439cbaeaed6939-FRA
x-backend-server: aa-reachservice-group-europe-west1-46ds
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 33ms
33ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75439cbaba7b6939-FRA
content-length: 24
content-type: text/plain
date: Mon, 03 Oct 2022 06:27:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H99u%2BYohpCjIOIvkLhUqk31hm9jf3KoAsUeASFVPflmzlXqaXmkGZHLaBBWZi2ZYsRLsqvTlIWHLlmmcxIlul36Gl9njwx0eBH62g1GEZbEyWrY5Zs%2BVHF9ArFKb6XnishITBT8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-46ds

GET
H2 200 link.html Show response
track.webgains.com/ Frame A6ED 2 KB
2 KB 151ms
78ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8n6gv7mcyxyv3tpc0ehh86k7v7nwxheaqkvb6g2tawfh5z49qr67nr6vsb4vc04s6csw7n0bvxkfphz0jpz4ma989jf5y35fa3d39mss2ye6t8xc8nz6emy4cn30zd7yb59y78bv68j7vadwbyhcf6mk3a8fddfvhr80phym6k6sr79ahz2g7n9tqfnqtm3fqj5gcdbzpepaqssvctgnptxcska11csvps1t70r9ph22jw14nmgssvtkbr8djqqr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%252526client%25253Dca-pub-1333872326054146%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 9ff43b97e69a794f85dfcf2b981443c5657fe978fb43f5bb4787793b9d3a1ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
last-modified: Mon, 03 Oct 2022 06:27:29 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 03 Oct 2022 06:28:29 GMT

GET
H3 200 container.html Show response
6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F7E3 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thecrimson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:27 GMT
expires: Tue, 03 Oct 2023 06:27:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F7E3 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C63AW0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNMCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLM7NgYy2ScwYTm4kq-6LufklVUOHFZsmJFCUHjma1LtAtcTmKjfn4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMzMzODcyMzI2MDU0MTQ2GJKnCA&sigh=NUoGoV64TB4&uach_m=[UACH]&cid=CAQSOwCsnQUx_y1Ke4HnG56dHa5pK5hs3WLhDrVYvJUlQRLqdEPTzyhRLIGXqbCkWLuT4QxPfS-wGS92gSTpGAEgEw
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame F7E3 0
0 17ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jgryp6q2c8ryfgmqntc6nyrxz2vxbh66wt6jxmcav0tfh2x5sv6q5kcraza0sbrdv6c6cmnz4zseja9n7dgn7h520dxtyv49sbk70n859r40rz6vg0nwmsv2s31qcp6ba8tkaf0gtf4mppgdka7200eaq0nq6c62td4vffgbp054382abkvcjhz5pzg4btxfsv5d8v71w3fp4qn1pwsf56xeyw3aypndrdajb99xzhwf6h0g3vgfgevj5ytv1czmmm54ws10h7zfxxrdvnc6m22153zv2vsb6bpqtrea7dwy90tqaeryjgza99wxhf5aq8ahe83z9bespecnw11aws0bfx4tjj7e8nhgjq0m4xxa90wchhef7mgpmey2nzbz6y60avma03mpz0qer2wxfshm0&b=YzqA0AAO9D0H_Z75AA1XTsk2e_rjO6DrEDqygw
Requested by: Host: www.thecrimson.com
URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e.
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 06:27:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 0D79 2 KB
3 KB 51ms
51ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h2yjr18p2202zcte99as4snjv473y0nm3d49bzmjszgmqqh337d9x87z2c7k490xe45khvysvgfqk9ykb61py5x1849drpav0aq9wzg5m2t5t9mj3h9rhhxf2jdsmsrwmmat4v7vwhgdjb7sxwwd4ss555fw6h7zbttybn9j1e99ped2rtajp2kfm552pn2zrkc8nydafmps5x0csmc83nzyvdh7je6jykmrzsv5grarav0e62q3ycapqtjwygbvqcrnkmwcm9epk6h3cjyqj3wjcnshh6gc9r0zxemmb6hd625g1pdft4a5aqkyq542k44tn81xfkxdbk8njtv22waq1rzjhks3ma44xjsqtb5jywq8mjmrrpzq3pf457beb8zm8h9mq4cdqzbe8dkfgf4s6w9v36npr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%26client%3Dca-pub-1333872326054146%26adurl%3D

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62fc0e5d2e33810a3356e5590beb82473348368d48e2ead41371bb7bdc7bcd68

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75439cbb3cc39142-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame F7E3 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 06:13:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1E7E 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Mon, 03 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame F7E3 17 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 06:19:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F7E3 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREXNZbJNVaZjX_bhkb2K3D8Uh-MMBT91rLJd5_F3r9MuVRxuXErfifJsmS-j1sZeXhLr_W1WdoL7blOSB0KMhZRdjddg
Requested by: Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F7E3 22 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 15:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Sep 2023 15:28:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7E3 140 KB
44 KB 64ms
64ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 06:27:29 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 18BF 11 KB
5 KB 49ms
48ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9745204b149018038eea70f8382231f701e70a6ae1f9faffc9ae80bcb8d3572

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hp24tqcs53p5aqc5mynqtggd4hf5fjjtaejkkz55qhy5b2y55zwvfv3238egab6veq6wdjjgwymh49gy8ty0baczev3s555n72fvnpc3rnssdqtk6f2wrmv1rhcdm5xx3y5th487g367nja0zad5gf1eat973938x4ffwmkb97xm7ws7n6z561cghjpjk6b5kpp95jbr67her8sksazhrjx2arf9vzpdy7yncttp25yvyepe997fe3bmr16j31fhfg71yhm46ygm9147hzvftq3jx5b4g4b88rctgpvhvkg1xmp59bxwrq35wkxzzeq4z11y9c6txp710s3bfz8410ja0qdqjvsxtfh9s105rqt2bdmxn28j2gx36t9bwze5desg6285pzp31tjhxe8mjkxd1qtkvj0zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%26client%3Dca-pub-1333872326054146%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75439cbb3ccc9142-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1E7E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFpcUXMf2DbUHFRkEDTJOfQ&google_cver=1&google_push=AZmPxg-c8fFTHOWD1hqBX7bVAU7RmJNwF_AqPAqJyBOnYahPaUq4z83Y-7gC0vKuxKTmQtutiw494Wpr1qFpkmqAJpO9MpB09659
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE4NjIxOTI5MTAxMTkwMjQzOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFpcUXMf2DbUHFRkEDTJOfQ&google_cver=1

43 B
398 B

105ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFpcUXMf2DbUHFRkEDTJOfQ&google_cver=1
Requested by: Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFpcUXMf2DbUHFRkEDTJOfQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E7E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPcRbeB2Ttn0x1rbYyV3OQQ&google_cver=1&google_push=AZmPxg9zeWXzDk51tiej7pHuGNe429dIP93WKp_2h5VRwenOHDmsUTncqy7OSZeF115r0OYakqgVENxVMzttx5Zp...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9zeWXzDk51tiej7pHuGNe429dIP93WKp_2h5VRwenOHDmsUTncqy7OSZeF115r0OYakqgVENxVMzttx5ZpOdfJ0yyNWnTb

170 B
188 B

20ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9zeWXzDk51tiej7pHuGNe429dIP93WKp_2h5VRwenOHDmsUTncqy7OSZeF115r0OYakqgVENxVMzttx5ZpOdfJ0yyNWnTb

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 03 Oct 2022 06:27:29 GMT
Server: MT3 4525 e1952b7 master zrh-pixel-x31 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9zeWXzDk51tiej7pHuGNe429dIP93WKp_2h5VRwenOHDmsUTncqy7OSZeF115r0OYakqgVENxVMzttx5ZpOdfJ0yyNWnTb
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 Oct 2022 06:27:28 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1E7E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG_zwgk6OSBmPV0FWwayxqU&google_cver=1&google_push=AZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQbo&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG_zwgk6OSBmPV0FWwayxqU&google_cver=1&google_push=AZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQb...

43 B
415 B

201ms
193ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG_zwgk6OSBmPV0FWwayxqU&google_cver=1&google_push=AZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQbo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQbo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75439cbc9b805cb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 106
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG_zwgk6OSBmPV0FWwayxqU&google_cver=1&google_push=AZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQbo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-FSMEMCfhx_fko8PcR_5668n1hTe0eXCyqq7wjbcdBRxf7xwm30dcaepzolQaUB3A1lRoRyVFSvoxUCHiE9jmlFICxQbo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75439cbb89165cb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 1E7E 0
61 B 8ms
6ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIrUcn3K0RvBC04o1o07VVw&google_cver=1&google_push=AZmPxg_N4XFM9c1axmYFyVgnOmXoj_o9RXl6V0zJVJiniZC2GaRSvgE5kR6d3WqLEPdPb771A3Az0uqlA1yfhNnxnmviUscEioi3
Requested by: Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664778449.176475,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4052-HHN

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E7E
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJGw7EzoO8-5fAlo2FzuU4U&google_cver=1&google_push=AZmPxg_WQJZe5BbzjleRD-_c7Jqs1aJXw_jskQd7f-oMT72j96je_6sRWcgBnXEBMro2nLfqCEvEKRq...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=-fnrf8-ATY6RLtcb_oRtRGM6gNA

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=-fnrf8-ATY6RLtcb_oRtRGM6gNA

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:28 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=-fnrf8-ATY6RLtcb_oRtRGM6gNA
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E7E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHwOFP3iVxW0Pn7FTAXdQu0&google_cver=1&google_push=AZmPxg9SITsiyIFsApHwfqZOO-GhV213A7vUPzfh8hK-4qvLSDr-3xKIs-pzlxQektZru0ADAs_4tNF2-Tj6sppq...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NhT04KlFT2WWokjICYId9g2&google_push=AZmPxg9SITsiyIFsApHwfqZOO-GhV213A7vUPzfh8hK-4qvLSDr-3xKIs-pzlxQektZru0ADAs_4tNF2-Tj6sppq1BVZQlaIkKc

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NhT04KlFT2WWokjICYId9g2&google_push=AZmPxg9SITsiyIFsApHwfqZOO-GhV213A7vUPzfh8hK-4qvLSDr-3xKIs-pzlxQektZru0ADAs_4tNF2-Tj6sppq1BVZQlaIkKc

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Oct 2022 06:27:29 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NhT04KlFT2WWokjICYId9g2&google_push=AZmPxg9SITsiyIFsApHwfqZOO-GhV213A7vUPzfh8hK-4qvLSDr-3xKIs-pzlxQektZru0ADAs_4tNF2-Tj6sppq1BVZQlaIkKc
x-host: tde-deliveryengine-production-b869b47b-bhnsb
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E7E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg8Yd2m1tTr_4Z8IEkTihxldiCUxPkcV5mkTuXUCSYmoNjXIh5EE3LxGbkcc8tB-dicB3YvNz-5deNpxPUxy08Sfpgz5Z8Mf&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-685fc331-9376-48bc-a315-9d296c310ba4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8Yd2m1tTr_4Z8IEkTih...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8Yd2m1tTr_4Z8IEkTihxldiCUxPkcV5mkTuXUCSYmoNjXIh5EE3LxGbkcc8tB-dicB3YvNz-5deNpxPUxy08Sfpgz5Z8Mf&google_hm=A2hfwzGTdki8oxWdKWwxC6Q

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8Yd2m1tTr_4Z8IEkTihxldiCUxPkcV5mkTuXUCSYmoNjXIh5EE3LxGbkcc8tB-dicB3YvNz-5deNpxPUxy08Sfpgz5Z8Mf&google_hm=A2hfwzGTdki8oxWdKWwxC6Q

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8Yd2m1tTr_4Z8IEkTihxldiCUxPkcV5mkTuXUCSYmoNjXIh5EE3LxGbkcc8tB-dicB3YvNz-5deNpxPUxy08Sfpgz5Z8Mf&google_hm=A2hfwzGTdki8oxWdKWwxC6Q
date: Mon, 03 Oct 2022 06:27:29 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX685fc331937648bca3159d296c310ba4003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1E7E 0
12 B 16ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKk1_Gh-jq_X50x-GJEIWG_kpTnlpRczyJ4eRmFWw3o2mXp6GB94rumBZpDP0Qb9XZLgPv

Requested by

Host: 6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
URL: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame F7E3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23c0556d3e4ee87daf59504841f94f467996496782b5e7d60da069181ccd02ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 0D79 85 KB
11 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h2yjr18p2202zcte99as4snjv473y0nm3d49bzmjszgmqqh337d9x87z2c7k490xe45khvysvgfqk9ykb61py5x1849drpav0aq9wzg5m2t5t9mj3h9rhhxf2jdsmsrwmmat4v7vwhgdjb7sxwwd4ss555fw6h7zbttybn9j1e99ped2rtajp2kfm552pn2zrkc8nydafmps5x0csmc83nzyvdh7je6jykmrzsv5grarav0e62q3ycapqtjwygbvqcrnkmwcm9epk6h3cjyqj3wjcnshh6gc9r0zxemmb6hd625g1pdft4a5aqkyq542k44tn81xfkxdbk8njtv22waq1rzjhks3ma44xjsqtb5jywq8mjmrrpzq3pf457beb8zm8h9mq4cdqzbe8dkfgf4s6w9v36npr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%26client%3Dca-pub-1333872326054146%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h2yjr18p2202zcte99as4snjv473y0nm3d49bzmjszgmqqh337d9x87z2c7k490xe45khvysvgfqk9ykb61py5x1849drpav0aq9wzg5m2t5t9mj3h9rhhxf2jdsmsrwmmat4v7vwhgdjb7sxwwd4ss555fw6h7zbttybn9j1e99ped2rtajp2kfm552pn2zrkc8nydafmps5x0csmc83nzyvdh7je6jykmrzsv5grarav0e62q3ycapqtjwygbvqcrnkmwcm9epk6h3cjyqj3wjcnshh6gc9r0zxemmb6hd625g1pdft4a5aqkyq542k44tn81xfkxdbk8njtv22waq1rzjhks3ma44xjsqtb5jywq8mjmrrpzq3pf457beb8zm8h9mq4cdqzbe8dkfgf4s6w9v36npr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%26client%3Dca-pub-1333872326054146%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 576612
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75439cbb9d7c9142-FRA
expires: 0

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 0D79 36 KB
13 KB 34ms
33ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h2yjr18p2202zcte99as4snjv473y0nm3d49bzmjszgmqqh337d9x87z2c7k490xe45khvysvgfqk9ykb61py5x1849drpav0aq9wzg5m2t5t9mj3h9rhhxf2jdsmsrwmmat4v7vwhgdjb7sxwwd4ss555fw6h7zbttybn9j1e99ped2rtajp2kfm552pn2zrkc8nydafmps5x0csmc83nzyvdh7je6jykmrzsv5grarav0e62q3ycapqtjwygbvqcrnkmwcm9epk6h3cjyqj3wjcnshh6gc9r0zxemmb6hd625g1pdft4a5aqkyq542k44tn81xfkxdbk8njtv22waq1rzjhks3ma44xjsqtb5jywq8mjmrrpzq3pf457beb8zm8h9mq4cdqzbe8dkfgf4s6w9v36npr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%26client%3Dca-pub-1333872326054146%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 503227
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKFECw5%2Btr6MJzOgJoD1i5Dz%2FkpCip0L5MQrPB8UCiM%2FURDcIUYKEnbXgwxcjfyBngDWNtl1lz33y4zeW3QJ05W%2B7Bcza1D1uLXSFfbwV71xCavu3JO6U3Mh0yjCAZwlugJ296I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 75439cbb9d7f9142-FRA
expires: Wed, 21 Sep 2022 13:12:03 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 18BF 85 KB
11 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 576612
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75439cbb9d979142-FRA
expires: 0

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 18BF 2 KB
3 KB 35ms
34ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 813333
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKmLMDWO0u76ScC4Qaa0OJ0dAjzTJYJLTOn2HFuft8JZQYL4CG0RH6CvtEiTQ%2BahYq71K584Hin7Hn9x0pXaPTxG4bpbU0JVUd8bKY5UxQuIDeulS%2B1XD3AKWyIjBY5KmVfS39h%2B5oY9%2BzdY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbb9d989142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 18BF 339 KB
340 KB 33ms
32ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 807956
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCLndc9Gp6X%2F6kTOQnSRiL%2BNKnx%2FaFoJ5XPDQTSvjR71oppkpnh4%2B5R3i6fToR3xKnyQXVTsdWGU8rF9R8%2FoUfrUJj2cKjBFJVWLIczb1mscxd9ass25sUotmmTStzX6Io03uh4u1zS4h3E2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbbada99142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 18BF 43 B
705 B 99ms
61ms Image
image/gif 92.123.17.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidr2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhdoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-17-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Oct 2022 06:27:29 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
assets.ad4m.at/logo/ Frame 18BF 9 KB
10 KB 56ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815191
cf-polished: qual=85, origFmt=jpeg, origSize=27926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9624
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Dec 2020 11:16:28 GMT
server: cloudflare
etag: "47002e1929641ef35481b6bce27c6dda"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fQM9w7guvKbCsyKXSLMlL08uKzuO4%2FhyWwwo8cbgKRbdDogHD1FIlVcz3GtNHEKF0wODjmr8djP6DJazSuyelKKD9P%2Ffp3zYiZZyLk8%2Fva%2Fv%2BPRkFhCliMSDE18KMR8dAApPk5Ll4XBuYD%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbbadab9142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H3 200 FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
assets.ad4m.at/product_image/ Frame 18BF 283 KB
284 KB 34ms
33ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 809927
cf-polished: origFmt=png, origSize=446787
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 289896
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Dec 2020 12:36:47 GMT
server: cloudflare
etag: "f23fb93575be392d52c9c297c7323368"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0%2BmC54yL0lS%2FsCZ%2Fs4cRfLVTw0bFDmo58qOINjuVT4ZVfIN8U%2BbrtgqW9GNCLE55WkYYKKr9%2FccuLnumoAB6hgJCt%2FjMe0i%2BN6p3Z2LOHxr0jgNTJyMQY8dJl4T570ohfe%2FsM0WLOYYWhcF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbbadad9142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H3 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 18BF 18 KB
19 KB 58ms
57ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2119677
cf-polished: origFmt=png, origSize=35453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-bgj: imgq:85,h2pri
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yfF41ctdKCqTNxz65IGMEvzFQ5zc93xvO7rgKBuwsCztQsZpsmtcYmzxSEGNJT88kA9hNLW7wg4Hchyz3w%2F%2FMyAbaaquAD81Mx4PpaLBkgyvJexl43HmMbDFuY8ZgjmBsAfnjH5GEUKh6GE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbbadaf9142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H3 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 18BF 9 KB
10 KB 59ms
58ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41535
cf-polished: qual=85, origFmt=jpeg, origSize=83479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
cf-bgj: imgq:85,h2pri
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKEx6CwgFC9yH5jmd8f6043ffyBqe5GgJc%2BOh8jjT%2FbRC85svfjHOIeyn5IsugbpIE%2Bf3DEIpsY2031%2BmlDfytVO%2BFNXlShI8ATvT%2BybnwHFaffBdt32Kc6lADJydfkaqw52eed%2BUKeUfyvl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbbadb19142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 18BF 43 B
702 B 92ms
55ms Image
image/gif 92.123.17.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-17-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Oct 2022 06:27:29 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 18BF 2 KB
2 KB 82ms
80ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3354045&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hwcxp4k0w0jn6ktpcpafv129tg54skrt3cyhhbt16fb0t2c9308w150085bh6q21estrjcwpd5kabje99s5fx7t2njbqg8nkcggmdsqjw9ey1prms51q0q55qz662d1q3yxvgqxkdx7pkdrfj6vmqphpwdvtz6gqk9aa3yzet0kf83ysek22bnnp7b81ehve1dfv3v456jdg4jsrbq44h8ppv98f1660x9dzy2fa2kgzhz0j3as5n5y641qfjvfc8cg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%252526client%25253Dca-pub-1333872326054146%252526adurl%25253D&clickref=oneidgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFeoneid__dc_reach_suite02wkz&viewref=oneidwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: b81f086d09f3dda8a72d832ae75549fe609d965527ae3d5682aac395c7ab205e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
last-modified: Mon, 03 Oct 2022 06:27:29 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 03 Oct 2022 06:28:29 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A6ED 85 KB
31 KB 71ms
8ms Script
application/javascript 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8n6gv7mcyxyv3tpc0ehh86k7v7nwxheaqkvb6g2tawfh5z49qr67nr6vsb4vc04s6csw7n0bvxkfphz0jpz4ma989jf5y35fa3d39mss2ye6t8xc8nz6emy4cn30zd7yb59y78bv68j7vadwbyhcf6mk3a8fddfvhr80phym6k6sr79ahz2g7n9tqfnqtm3fqj5gcdbzpepaqssvctgnptxcska11csvps1t70r9ph22jw14nmgssvtkbr8djqqr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%252526client%25253Dca-pub-1333872326054146%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 15:27:46 GMT
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 15:27:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 53984
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: sBYqx1U85KD6DNWXrg020ejS4uNK52K4XoyQPGQjj8i9tocOYOI_bA==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame A6ED 85 KB
85 KB 40ms
8ms Image
image/png 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1664778749&Signature=b7yVtP6seBgEXnarIRNeb4-cJy3MYUig9QVqEIGKuzfJ7bcodDERY5eCwOhsvONwgzYmvT9zgd-uFxW-1t080A7mGrND2JNEOXxOaqUiOJIhKd4kst13eWbBKIRQ9p-bPe-eFjvDGPNnZ-GiWqtRlSIAd-3F9ZHBH9ee5MoS9S5C0mPUU4DfW8gnaBDuTu6V4s3t0BmXlPZLPNt-dQGrCp1dq7ACYvXynfW9Rq7DhonlB1kKl7uaL7SxNN5QJoVBwLLWoe9NNJkM1oMytIOzDSxYP3iiGGadP~nPbfbxLXYcxYVQMuB2QAb34lSd3VlUxeuXBxt0h2jGh5rgpIxuFA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C188429&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=bbf7eca2c79275dd37e1836a8a221a1a%2F2905473800889214588&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778448945&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf5fh1rb4tmhhf4jdm7bfqj2x9k72a43338k6b12q7rqmd8k8d5hxq0kr8gaz6vp2r3yvhtm5txj306zpye0q8kmn9yxz2a4xqerj6s5b2wpwtrwxbhevym5mjzry3rvjgdz9jgtechcjd66jc0ktfadzqfd9mf0wxvvdgdeeyvxyxwwh1esf6n5f2kjsderrjgz3pndn0v4qkwyj5bc7nqp2rg1y7070axeh1eyycysvpcpfzvw1vwjytk983fe2vzf03008982%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5v9V0IA6Y6DbH7KO7_UPlPeOyAmQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNECT9B_kOCJkpZy9YQX7qulASrLXSV0ZwTiHkX6BsSpb_pblY7NTO6s8OaGvRzAT576Hc6qAbm44_7LJ-d95U36GQ3oeRBOgkxwXFS3hOLfnPmssW_Y2gF9B_AD9aX4AmHTfj3lWaXPkHpOWHdzq3bL_Hhp-_G3B5FkYKLU1g4jvpEg6pKOxa4nn6aleOtUWXd7OOYC65gYyON0y7elZbHCeZKXIWFUoGdeug_SeTS3FG2c6HilI_LNLlxUJ6lG2-aEQG7Oud_8aRRBLADRPyftA-np_PkZvrzF8NNAqmEcrcTVGzPDorLfAWeqLI4vHKn-LEBTZP0SXBSR8TehVyvVX7mc14ijAWJh81XL1S76KmxxJvgOl-ApuF8odU5FFYpAU-02tNkFPhFNxizldFKIjI_Lx3t3YJFH25PBrOzpllQVnUs3Rqk9Phu4V_h-mzNE1-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3WD1hW4u_84XEFacGRbFHzrPa4uw%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-118.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 03 Oct 2022 01:08:52 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 62470
etag: "92f323c42d6018008b4cf82e90ac9639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: qXI75T17LOcglH088q31jh_QWYZPL4DFT-6jKvtv4zts6C9YeaZI0w==

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0D79 3 KB
4 KB 25ms
24ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21674945
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XybttiVRQmmZkOGhp1ynS0UkwePZATltuP3PtNzwmp0j4DCkx%2FHsdccdqZuEoEZzKG7PsK5xq1b%2F9wsB19zcW7axrsqqwD08RPBFjpbkdjgrLHDizXiEMt6GX20J4los%2FXy5NVgfJsSV8m1Gu9e4%2BxSO"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 75439cbbfb389205-FRA
expires: Wed, 25 Jan 2023 09:38:24 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1314 2 KB
1 KB 26ms
24ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 642137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 75439cbbfe4b9142-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 03 Oct 2022 06:27:29 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wB3g39w8ruxWt3JOEYDK%2B2UeF52w4IntbopX%2FqLWqlNrcRNBfNSZ1m94A3L4nmd7bwqLJx4GDZXsQPPjK0TAW1FVHWBP%2B41PXIdFw4WHFgFJvT5JvSoKDUIFbV1EfGvUFf2Oro%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 0D79 2 KB
2 KB 53ms
53ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ecc29bd894d14aefbaa397505076f2989875149d1730a8c7b014d714dd8ce2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vv%2FmxYhzzGEuYy0S98ycBKndx%2BNI9Jcj6FIXOnP1QxS4r1YggHMFqE8vZOTExWLv0BBcrHH0TNjDiLTXwL6FfU%2BPh9p5TA%2FKz4hTg%2FWmgF0G1Y575M0o8K5GceASnzuGAnVu4Mo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 75439cbc7e496939-FRA
x-backend-server: aa-reachservice-group-europe-west1-46ds
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 35ms
34ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75439cbc3dc06939-FRA
content-length: 24
content-type: text/plain
date: Mon, 03 Oct 2022 06:27:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtQjbTPB5L%2FjHIWNJJeH9fxNvNof0zxHVOEXAYoEuAZLcu3dBso%2BDT8b7Rebs5l0%2FIq75erSMlMBtUdMyjsPyiFwESiKoayntQkrCTV7XQ5PxZtAJNTdsPkI16lvcYw3aa10%2FrE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-46ds

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 18BF 85 KB
31 KB 8ms
7ms Script
application/javascript 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3354045&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hwcxp4k0w0jn6ktpcpafv129tg54skrt3cyhhbt16fb0t2c9308w150085bh6q21estrjcwpd5kabje99s5fx7t2njbqg8nkcggmdsqjw9ey1prms51q0q55qz662d1q3yxvgqxkdx7pkdrfj6vmqphpwdvtz6gqk9aa3yzet0kf83ysek22bnnp7b81ehve1dfv3v456jdg4jsrbq44h8ppv98f1660x9dzy2fa2kgzhz0j3as5n5y641qfjvfc8cg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%252526client%25253Dca-pub-1333872326054146%252526adurl%25253D&clickref=oneidgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFeoneid__dc_reach_suite02wkz&viewref=oneidwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 15:27:46 GMT
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 15:27:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 53984
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: XIfK-jLgfiXtufiUvhGdgIELr0TaQzXXU1m8B3ZazMPG0rTjvxTA8w==

GET
H2 200 logo_querformat_herzen_300x100.png
cdn.track.production.webgains.team/275055/ Frame 18BF 10 KB
11 KB 8ms
7ms Image
image/png 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/275055/logo_querformat_herzen_300x100.png?Expires=1664778749&Signature=mzpuJNrxXqiTS1KNpQcQj7zEz8rqSf8da~HPi82-5KCEwodTga-RD1dWgdK63fZq5qp7Vul6iMwnJJZKypV9tHuis0NFIG87RwszUdJVJ-7VwkEIISi7JuwFHPhjzlLif5iaHSVjhL66R9LkKhSBXcm5ubAriviWsn8i~OuDpEpjHi0Ymi0bA-psdNA-NI720l2~5BudCSo9BugtPCGEEcdilf6vUwkkKvtalhJa6O53SjgDU-7aBkYFN8vFdh30U2sUi9M~PQHU~ii0uIRG8Sz4UEBWIAgthw9r-APxTjvU633rW5QtXtsUa8ftOcoyehcirZgmeckVy7ahhuRYgw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=685a12d69d9862109b8d9a1cc87ddf1e%2F17001745813211297087&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk1hwyx4rt65ezhfsqvnsmq8cpmmtczvk9f29hcw3qw6ge2t5gk6pa77gg19djq4n55h2y0z31115f6vxt4hz2p317k19htx7njmz3abf7fxvq5kyxhsm8v51nx0mw6bt8w0ycyd2kje18gqnmcqcrv7j2cgynxzk53bag0vdc283zrhddh6yqw10fj2366xd5znqg6a3ss1k65524h6pd6abj5m12hsm2ysbvdjnchbbq4r08dj7vz7csk0vaj8f7gev3jy3phy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_FGe0IA6Y_SYLZqD7_UPh-OAyAeQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9BBqetV0P2F6u20hUbXrhuzReuR6kzRZBF8f1G__ZijCOsg66rDc-oRCApLhJjLWAzqTpqtwknTBqYntxXJfLcTT5H4sW3q-MebmQ3g1k40G1nsqa7_NAUnr8cbjHRxnxmFkegzTBgntNwcQjLRNu5YHX-e6__ZOjxZc5iBwWpUzQyQ6emqWz913ADH2VIzEx1xYFcgWEjFZ_1iDkyKdpJYkgGDNzc6MvESzpOVEp3fl4sxMHCG3s_qa2RVCrLGCypysksw69rqlVH2GFNZ2mrk-QGictdAqrBLiI3QDOtbC156lClws-T4Quc5roGLCc3Xmb2Iz7Wcq2Vyh8SYT14-f48wJgGeSmYpncaUTIX7plwS9ByTe89b5Kp0Smb8XloQLEJDYPeAGQoPvP_NqkAhl0QI69RpwCHSMQ3dWIv9h_ThNbyXa9_dHt06AEMVzIWMjJii4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0FF3DdNYpJEsJwUdauwlyFemV_fA%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-118.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 02 Oct 2022 22:45:16 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:27:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 27734
etag: "f1ac17cc310d1d58c319caa4cec695b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 10517
x-amz-cf-id: _MK8RbVlSc47S83PnUpFgFsgjtFx76HrKG4Wly_HdwwUDYjq5Xv-ng==

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0CBD 12 KB
5 KB 35ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbff30a354c2d5c9da31c99ae788988d00c4c0467de850f13da6f0016796ec9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h2yjr18p2202zcte99as4snjv473y0nm3d49bzmjszgmqqh337d9x87z2c7k490xe45khvysvgfqk9ykb61py5x1849drpav0aq9wzg5m2t5t9mj3h9rhhxf2jdsmsrwmmat4v7vwhgdjb7sxwwd4ss555fw6h7zbttybn9j1e99ped2rtajp2kfm552pn2zrkc8nydafmps5x0csmc83nzyvdh7je6jykmrzsv5grarav0e62q3ycapqtjwygbvqcrnkmwcm9epk6h3cjyqj3wjcnshh6gc9r0zxemmb6hd625g1pdft4a5aqkyq542k44tn81xfkxdbk8njtv22waq1rzjhks3ma44xjsqtb5jywq8mjmrrpzq3pf457beb8zm8h9mq4cdqzbe8dkfgf4s6w9v36npr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%26client%3Dca-pub-1333872326054146%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75439cbcdfeb9142-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 06:27:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 0CBD 85 KB
11 KB 32ms
32ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 576612
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75439cbd18719142-FRA
expires: 0

GET
H3 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 0CBD 127 KB
128 KB 23ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 888812
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fS9jO7lpEG17nhQ62qtTOxX%2BrEq2NlY4BfoCThPuS3CstyttOaE9Z0KAPDz%2F6xW5qkxFGBPT3wt6nbL2wJZiKWhrVtGg1F1u7896o1uwGIJXO0B%2FyXziCrF2He%2ByJKzu0CulRTjpBoQVAkND"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbd18769142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 0CBD 461 KB
461 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 816015
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1Sm8WLmBg7bJlWNdXofLir7o2H9veCB8O81EPJ0haSDHcIEj9XQD18aT%2FtPbGNmsPE%2B9S91tiEXAnww7maMtNJuqrYL1j6NpYX9ETDJtwHNaM6hhXERPyP573lEAcRjgNq%2FX%2FDhkIEe6DJX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbd18849142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 0CBD 53 KB
54 KB 24ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 816018
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kG2BrZTJmm%2BD1N5kKlqDDiSGGXrN%2FmAsLWlSS73k36WgBMcYu%2BTk18pbzaDILOamHT6xW7q4dJ2wfq%2FVvQQXc80%2FSk6XWLdtqpXmeXm5HJ9iHo8nRUPOzIT8yDyUbtBOGTG6mx3vkP0wF1k8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbd28899142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H3 200 94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
assets.ad4m.at/product_image/ Frame 0CBD 10 KB
11 KB 40ms
38ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 814631
cf-polished: qual=85, origFmt=jpeg, origSize=57873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10528
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 12:57:42 GMT
server: cloudflare
etag: "cbdcca70875184d14fb32ad75cb24482"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7V7oGXH70fN6oDlRaGeIklcd5jUF03V95zDfpUriY6dMpX5Yq4wjE3QLGqea4pa3PSDE6DbvV5uv0rFEv2RAJXWZx9hPPGbEXpnlMG%2Bg%2BgsJN3FMewgzpbifw4jhPG%2B%2FcuAnf6f7211JL3SK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbd288b9142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 0CBD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPaM84C3w_oCFamSdwodhMIA2Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022100308272977051021527X117679V1226132702MSviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach...

49 B
1 KB

74ms
28ms

Image
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022100308272977051021527X117679V1226132702MSviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&cons=0&spid=2022100308272977051021527X117679V1226132702MSviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 06:27:29 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022100308272977051021527X117679V1226132702MSviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&cons=0&spid=2022100308272977051021527X117679V1226132702MSviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&wfid=117679&partnerid=12218
date: Mon, 03 Oct 2022 06:27:29 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 0CBD 9 KB
10 KB 40ms
39ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 807936
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNQ3J5T%2BX3L%2F3gRRBHsoYSqpQQoXxhn5Fh3QHruZ9bhZbFScEPHbVKlUgKFC0Pi8Bg8UeplS9ud%2BJBl3KDHs12Gvar9rcXsJMMuuhIR8MFk%2FCKQdybkK03mYEsAS3VdgAu1APbXehih1muqL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbd288c9142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H3 200 4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
assets.ad4m.at/product_image/ Frame 0CBD 19 KB
20 KB 24ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 812747
cf-polished: qual=85, origFmt=jpeg, origSize=136162
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19842
cf-bgj: imgq:85,h2pri
last-modified: Thu, 21 Oct 2021 09:14:42 GMT
server: cloudflare
etag: "2494eb47f8151ccbd31e6f1b1ef2fcf9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otZB4xSrqlYMfv3XoCTVbGdFpJlk3AEG6xsvy%2BJMdxwHxI5LeUiz268O80utPAm6Dt8iekoWeCk1hExezgOtYPcNyDss2yGbrv3FzyP1NSjTL5JOF%2FACx67SeDVlDrZ4L6%2FRHF4NNrNybQWs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75439cbd288f9142-FRA
expires: Tue, 04 Oct 2022 06:27:29 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 0CBD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMKN84C3w_oCFTPyuwgdbJcB9g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022100308272977051021529X117663V1225131106MSviewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_s...

49 B
1 KB

59ms
20ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022100308272977051021529X117663V1225131106MSviewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 06:27:29 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022100308272977051021529X117663V1225131106MSviewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&cons=0
date: Mon, 03 Oct 2022 06:27:29 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 link.html Show response
track.webgains.com/ Frame 0CBD 1 KB
2 KB 63ms
62ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jpmr2kf9amp0x98jdmf7anat6kg9vxpf214ha7hjwwr4wtcagmpmzjf1mhm91b85h9td7p34bq1v9aa77s34atyppsxtxm7xz4qnq2mm9eebezsmkbqgh1s9rvs2mpfh0vzfxbsp2jp169r358qpwnrzmtttm73yj1e6yfmaax8104pz91vcy0h33cvhh3bvd1b23htw3pmap42qmnq07j3bb51knft6ndg3b7j4q1rt8thnkwzzpt9msjvax9z5c5v4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%252526client%25253Dca-pub-1333872326054146%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e5c32fc91e136dbde9fcbb1bca2981a85fdf49c6fbfb9fe133941bfb70f5b3da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
last-modified: Mon, 03 Oct 2022 06:27:29 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 03 Oct 2022 06:28:29 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 0CBD 85 KB
31 KB 8ms
8ms Script
application/javascript 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jpmr2kf9amp0x98jdmf7anat6kg9vxpf214ha7hjwwr4wtcagmpmzjf1mhm91b85h9td7p34bq1v9aa77s34atyppsxtxm7xz4qnq2mm9eebezsmkbqgh1s9rvs2mpfh0vzfxbsp2jp169r358qpwnrzmtttm73yj1e6yfmaax8104pz91vcy0h33cvhh3bvd1b23htw3pmap42qmnq07j3bb51knft6ndg3b7j4q1rt8thnkwzzpt9msjvax9z5c5v4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%252526client%25253Dca-pub-1333872326054146%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 15:27:46 GMT
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 15:27:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 53984
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: PFhLXK2K1VVnQr1OTiwCX8t7DNwk1veHgC6VgW3pwY1TWeMtRp9S5w==

GET
H2 200 link.html
track.webgains.com/ Frame 0CBD 48 KB
49 KB 93ms
92ms Image
image/gif 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C19456%2C37798&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CdEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fj%2CEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CK1eHRfZfMPmt5HMHktzCBB4C7SATwGkFq%2CADeFYfqf5Y5CAHRH4tMCMMGsRS4TDVQT9&c=300&d=250&e=&g=f5fa9b8764c4fb9bd290769ebe7b0e5f%2F17545794819499481961&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664778449388&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geefvmf7w9tnrnj9512sc0883yw7qp58gn9dt8qtndggn39qxz68zzqbws1fhmd9pt8pq5p4r6b20mvpakq2zmwg4vx1hmke23yney9mvwfk1awa4bxzba3960apf4seyr290z5zsr9vfcgfyt7wzzrte3f7vb289z867n0v56h8rnp1k9fxdy02kc2mwgm6a4nf1pfkzg04wxvyqjnm50vh3vr0fha5ypa7rhj3p1mpfbq5ks4vj5t53z8tfc6atxbbj905b18g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTPNY0IA6Y73oO_m99u8Pzq61kAiQ4YGEXLaoworwAsCNtwEQASAAYJW6rYK0B4IBF2NhLXB1Yi0xMzMzODcyMzI2MDU0MTQ2oAHCrujdA8gBCakCFoTab7hxsD7gAgCoAwGqBNYCT9A1QzuY_39DCWK2YqW5-LhTm7Mh39oaRS1rzRa3DlI3PImCpzu3GU4fwXuHKiqKHVvPnnm0zJIwCF2QfxOlYEojf4i7i4oWFvQpo7sVARWTp1nOjowrZAHgLsYXKi_BbgQqZdHa4yRIIGaFef_K9NusA_LLU_yoT4snoDq5_G7saSrTdTwdw4Rs_H0RlRryDI3OtTBZgXoaHjXEmAZnpp38YIhs7WDfQapkziwaY7kYoR4tmbIXah7q7VkSM2Ciq59kj0LR4HtOKt5qdmzmD9HVSBR31Xtm4fv_Q-JIf0E7sMCcrpueINP5GV9AVTrTraqBk-OVL0bgB0eesCz3jZzzBFWODIwOlKc8shcPoNnRxAbLxFmysZBTh1dhF86mxZsQa9eNgBwlKrDvLIzPoB5hsEtYhulsPTTCKwscQUkqH7U--dBWV6tiQKVsrRE6tXcvvCPK4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ABROh2ouoTmi9HSy1ePSF9LA92w%2526client%253Dca-pub-1333872326054146%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 06:27:29 GMT
last-modified: Mon, 03 Oct 2022 06:27:29 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 03 Oct 2022 06:28:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F7E3 42 B
64 B 58ms
42ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2x1gRAoiR7gcPMPmkF4MZIk-tR8561rVq6bJvMYglf9Sa8SZg6yd7lkZr_1WEUrUCXjiHgYWdvg2FlNbOUcfmbH32&sig=Cg0ArKJSzLZVlQhm0pUDEAE&cid=CAASF-RoWxCSaM2LdWkzcf8k2b7dXgakDsWI&id=lidar2&mcvt=1089&p=899,972,1149,1272&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2310517307&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664778449126&rpt=120&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Oct 2022 06:27:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 18BF 16 B
232 B 66ms
65ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Oct 2022 06:27:30 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 238ms
19ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 03 Oct 2022 06:27:30 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A6ED 16 B
232 B 71ms
70ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Oct 2022 06:27:30 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 231ms
20ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 03 Oct 2022 06:27:30 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 0CBD 16 B
232 B 70ms
69ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 Oct 2022 06:27:30 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 222ms
19ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 03 Oct 2022 06:27:30 GMT
server: nginx

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 5104 926 B
1 KB 15ms
15ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/16203539-1164.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://www.thecrimson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5845
CF-Cache-Status: HIT
CF-RAY: 75439cc35f40bbbc-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 03 Oct 2022 06:27:30 GMT
Expires: Mon, 03 Oct 2022 07:27:30 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: eFdVC5ME9w7heZqQq3vIA9nDLj8lyPtERWwWiUp8NE5UBeBpPEQob0tJ4Zjgi6FXxJVUYDWGYss=
x-amz-request-id: 36Y7SPJBNDM635FH

POST
H2 200 / Show response
emxhb.emxdgt.com/biddr/ 21 B
147 B 427ms
98ms XHR
text/plain 52.21.197.24

General

Check archive.org

Show headers Download Go to

Full URL: https://emxhb.emxdgt.com/biddr/
Requested by: Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/16203539-1164.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.21.197.24 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb97c02d6c3deaf67cb0ab53901035277ec797182845432d6e6d1ef39409c978

Request headers

Referer: https://www.thecrimson.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 03 Oct 2022 06:27:31 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 21
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.thecrimson.com
URL: https://static.thecrimson.com/fonts/Crimson-Roman-webfont.woff?ad67aa9a2e24

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: static.thecrimson.com
URL: https://static.thecrimson.com/fonts/Crimson-Roman-webfont.ttf?4b923a7f3b5c

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thecrimson.com/article/2022/6/1/draft-human-remains-report/	1969-12-31 23:59:59	Name: dt Value: 2022-10-03T06:27:27.293Z
www.thecrimson.com/	1970-01-20 15:56:32	Name: __atuvc Value: 1%7C40
www.thecrimson.com/	1970-01-20 06:26:20	Name: __atuvs Value: 633a80cea253d6a9000
www.thecrimson.com/	1970-01-20 16:02:18	Name: crimson.interstitials Value: %7B%22version%22%3A2%2C%22disabled%22%3Afalse%2C%22lastVisited%22%3A1664778446969%2C%22interstitials%22%3A%7B%22ad_600x500%22%3A%7B%22lastShown%22%3A1664778446969%2C%22pv_elapsed%22%3A0%7D%2C%22subscribe%22%3A%7B%22lastShown%22%3A0%2C%22pv_elapsed%22%3Anull%7D%7D%7D
.thecrimson.com/	1970-01-20 16:02:18	Name: _ga Value: GA1.2.151258367.1664778447
.thecrimson.com/	1970-01-20 06:27:44	Name: _gid Value: GA1.2.1423931104.1664778447
.thecrimson.com/	1970-01-20 06:26:18	Name: _gat Value: 1
.addthis.com/	1970-01-20 15:56:32	Name: uvc Value: 1%7C40
.thecrimson.com/	1970-01-20 08:35:54	Name: _fbp Value: fb.1.1664778447275.473271883
.addthis.com/	1970-01-20 15:56:32	Name: loc Value: MDAwMDBFVURFSEUyMzAxMTg4NzAwMzAwMDBDSA==
.thecrimson.com/	1970-01-20 16:02:18	Name: optimizelyEndUserId Value: oeu1664778447344r0.7892499128399262
.thecrimson.com/	1970-01-20 16:02:18	Name: optimizelySegments Value: %7B%223526900252%22%3A%22false%22%2C%223537440211%22%3A%22direct%22%2C%223546800132%22%3A%22gc%22%7D
.thecrimson.com/	1970-01-20 16:02:18	Name: optimizelyBuckets Value: %7B%7D
.thecrimson.com/	1970-01-20 06:26:18	Name: optimizelyPendingLogEvents Value: %5B%5D
.thecrimson.com/	1970-01-20 15:47:54	Name: __gads Value: ID=04127161d9756777:T=1664778447:S=ALNI_MbniV6VzDF-h7PsyHknDPENItaymA
.adnxs.com/	1970-01-20 08:35:54	Name: uuid2 Value: 8009293112287187576
.analytics.yahoo.com/	1970-01-20 15:11:54	Name: IDSYNC Value: 18yx~27i6
.sitescout.com/	1970-01-20 15:11:54	Name: ssi Value: f9f9eb7f-cf80-4d8e-912e-d71bfe846d44#1664778448797
.sitescout.com/	1970-01-20 07:09:30	Name: _ssuma Value: e30
.yahoo.com/	1970-01-20 15:12:16	Name: A3 Value: d=AQABBNCAOmMCEKy9PE5Bu7fd9RKfC_wJFPMFEgEBAQHSO2NEYwAAAAAA_eMAAA&S=AQAAAgzaRGZovFqW1uAgQShjzHg
.3lift.com/	1970-01-20 08:35:54	Name: tluid Value: 4352552951316649798935
.adfarm1.adition.com/	1970-01-20 08:35:54	Name: UserID1 Value: 7150168993542109333
.adform.net/	1970-01-20 07:10:56	Name: C Value: 1
.adform.net/	1970-01-20 07:52:42	Name: uid Value: 8628108668460664321
.doubleclick.net/	1970-01-20 15:47:54	Name: IDE Value: AHWqTUmUQlfmz3yEjfuQ0RsQUfUk_XrNwyrd8PqGD992zzkdrP5l9ufbEcTfy_JSIQo
.bidswitch.net/	1970-01-20 15:11:54	Name: tuuid Value: a1725583-c012-48bf-b099-7c9b519d0ba2
.bidswitch.net/	1970-01-20 15:11:54	Name: c Value: 1664778449
.bidswitch.net/	1970-01-20 15:11:54	Name: tuuid_lu Value: 1664778449
.travelaudience.com/	1970-01-20 15:56:32	Name: _tracker Value: %7B%22UUID%22%3A%223614F4E0-A945-4F65-96A2-48C809821DF6%22%7D
.turn.com/	1970-01-20 10:45:30	Name: uid Value: 8186219291011902439
.mathtag.com/	1970-01-20 15:52:13	Name: uuid Value: d096633a-80d1-4d00-9c01-a52fe5f922bc
.mathtag.com/	1970-01-20 07:09:30	Name: mt_mop Value: 4:1664778449
.creative-serving.com/	1970-01-20 15:47:54	Name: tuuid Value: 8c9095ec-b813-4b8a-9223-fb2ebb875b58
.creative-serving.com/	1970-01-20 15:47:54	Name: c Value: 1664778449
.creative-serving.com/	1970-01-20 15:47:54	Name: tuuid_lu Value: 1664778449
.1rx.io/	1970-01-20 15:11:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-685fc331-9376-48bc-a315-9d296c310ba4-003%22%7D
.awin1.com/	1970-01-20 06:36:23	Name: awpv14098 Value: 412871\|1664778449\|747fe970-42e4-11ed-be26-2236ae636642
.awin1.com/	1970-01-20 06:29:11	Name: awpv20044 Value: 412871\|1664778449\|7480d3d0-42e4-11ed-be26-2236ae636642
.targeting.unrulymedia.com/	1970-01-20 15:11:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-685fc331-9376-48bc-a315-9d296c310ba4-003%22%7D
.awin1.com/	1970-01-20 06:36:23	Name: awpv11938 Value: 412871\|1664778449\|74820c51-42e4-11ed-bf79-22313f494a88
.awin1.com/	1970-01-20 06:30:37	Name: awpv11354 Value: 412871\|1664778449\|74828180-42e4-11ed-96b9-2237162cbb98
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377133:2470167
.congstar.de/	1970-01-20 06:36:30	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1664778449_74820c51-42e4-11ed-bf79-22313f494a88%22%2C%22sp%22%3A%22awin%22%7D
.zenaps.com/	1970-01-20 06:30:37	Name: awpv11354 Value: 412871\|1664778449\|74828180-42e4-11ed-96b9-2237162cbb98
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377133:2470167
www.conrad.de/	1970-01-20 06:33:30	Name: HTLP_timestamp Value: 1664778449
www.conrad.de/	1970-01-20 06:33:30	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 06:26:20	Name: __cf_bm Value: 9JBBSCoSl2fRb2c2HXF7uIoH0qMxcRLm2xAt3kKtudc-1664778449-0-AaKW+0vVrZsvvguTdthlaFeprF3m7hyCJTkNpUhXPlz2B6age27s1PyieAXNGluKfTjoqGw1PfMjYm0IPek38+k=
.tribalfusion.com/	1970-01-20 08:35:54	Name: ANON_ID Value: aXnseFOZb3VhUEjUAvMijfimJZb7qxc2W59ZbpsmhgsNnqZa3GYnusYUHTGjSSQ8IdjmoHmPQ7TeMq0aABrsqX4e
.blau.de/	1970-01-20 06:36:23	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTEzMDAwMDAwMDA2MTY2NDc3ODQ0OXZsZWExZGUyMDIyMTAwMzA4MjcyOTc3MDUxMDIxNTI5WDExNzY2M1YxMjI1MTMxMTA2TVN2aWV3b25laWRFamVURGZFZnpXemN6SEFIanQ0dDQ0YmZLU1ZUWkFHVDdvbmVpZF9fZGNfcmVhY2hfc3VpdGUwMndrejExNzY2Mw
.blau.de/	1970-01-20 06:36:23	Name: nscQ486 Value: V
.blau.de/	1970-01-20 06:36:23	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022100308272977051021529X117663V1225131106MSviewoneidEjeTDfEfzWzczHAHjt4t44bfKSVTZAGT7oneid__dc_reach_suite02wkz&wfid=117663
.o2online.de/	1970-01-20 06:36:23	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTEzMDAwMDAwMDA2MTY2NDc3ODQ0OXZsZWExZGUyMDIyMTAwMzA4MjcyOTc3MDUxMDIxNTI3WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRkRVFmRWZrZjJKVlNFSGpId3RFdGJicmZlUzRUR1c0ZmpvbmVpZF9fZGNfcmVhY2hfc3VpdGUwMndrejExNzY3OQ
.o2online.de/	1970-01-20 06:36:23	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 06:36:23	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022100308272977051021527X117679V1226132702MSviewoneiddEQfEfkf2JVSEHjHwtEtbbrfeS4TGW4fjoneid__dc_reach_suite02wkz&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTEzMDAwMDAwMDA2MTY2NDc3ODQ0OXZsZWExZGUyMDIyMTAwMzA4MjcyOTc3MDUxMDIxNTI3WDExNzY3OVYxMjI2MTMyNzAyT

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e. Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e. Message: Access to font at 'https://static.thecrimson.com/fonts/Crimson-Roman-webfont.woff?ad67aa9a2e24' from origin 'https://www.thecrimson.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.thecrimson.com/fonts/Crimson-Roman-webfont.woff?ad67aa9a2e24 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.thecrimson.com/article/2022/6/1/draft-human-remains-report//u003e. Message: Access to font at 'https://static.thecrimson.com/fonts/Crimson-Roman-webfont.ttf?4b923a7f3b5c' from origin 'https://www.thecrimson.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://api.thecrimson.com' that is not equal to the supplied origin.
network	error	URL: https://static.thecrimson.com/fonts/Crimson-Roman-webfont.ttf?4b923a7f3b5c Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://biddr.brealtime.com/check.js?nnn=1664778447044 Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECPumutiwKGM2fmXZ_J_guw&google_cver=1&google_push=AZmPxg_CVPE7VA2Fo9oeQW6e43jSO1sPDnXkm3he0Ymuw4wfilkAJ06FWavZsw0aHlnzTPUrZuPGUlF6oTN_8HmfisoBkG4JJrhA Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIrUcn3K0RvBC04o1o07VVw&google_cver=1&google_push=AZmPxg_N4XFM9c1axmYFyVgnOmXoj_o9RXl6V0zJVJiniZC2GaRSvgE5kR6d3WqLEPdPb771A3Az0uqlA1yfhNnxnmviUscEioi3 Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6ebdd67972871d470294b21b6b0626bd.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
adblockrelief.com
ads.creative-serving.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
biddr.brealtime.com
c1.adform.net
cdn.optimizely.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
dsp.adfarm1.adition.com
e1.emxdgt.com
eb2.3lift.com
emxhb.emxdgt.com
fonts.googleapis.com
fonts.gstatic.com
hb.emxdgt.com
m.addthis.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel-sync.sitescout.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
s.ad.smaato.net
s.tribalfusion.com
s3.amazonaws.com
s7.addthis.com
secure.adnxs.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.thecrimson.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tpc.googlesyndication.com
track.webgains.com
ups.analytics.yahoo.com
v1.addthisedge.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.thecrimson.com
www.zenaps.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
static.thecrimson.com
104.17.119.107
104.244.42.200
104.75.88.126
13.224.189.115
13.224.189.4
13.225.78.118
142.250.185.134
142.250.186.98
148.251.139.77
15.197.193.217
151.101.66.49
18.133.56.86
185.29.132.241
185.89.210.141
2.18.69.141
2001:678:cb4:bbbb::11
213.19.147.45
216.52.2.30
2600:1901:0:76b9::
2600:9000:225e:7200:1b:5138:8a40:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3034::ac43:9ef1
2606:4700:4400::6812:230b
2606:4700::6811:180e
2606:4700::6812:7f05
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:400d:806::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::2002
2a02:26f0:3500:889::13b8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d018:d29:3605:9448:e453:d99b:3ba1
3.11.195.34
3.126.56.137
3.68.42.108
3.71.169.66
35.156.85.196
35.190.0.66
37.157.5.142
46.4.41.145
52.21.197.24
52.222.214.30
52.58.8.248
54.231.198.144
66.155.71.149
76.223.111.18
78.46.85.162
84.200.5.215
85.114.159.118
92.123.17.141
009545a63301070f7daa29bbc68e2e7172a8cb251cd9b5894338d5a57199a95e
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0784841a8a45958776decba467621a03c9144f89b5cf36fef0a8dabce2899c1d
08d8552fc147313b0d75e0cd2b74a18782a4af87171c74062011db48aa81992f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bcf7e9c3ef9cf80315bb2674174e4de9db9f62a02e2df09f8991d1c1a151a0e
108fda937a42c3a8a81aae1d03965b2b7b6757544cda51de51315e81af96fb24
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
135506671d5cd0a922a6fac7eba82c56b68da0466bdcf1d4397176baf1ebcd2f
154d03f06417268a3786feb16ac77ea6b4fa6f59f0ff0cb80f67a538210c7019
159197cf71efd13e088af7cc36beeb3298011ba718eced0ef906e728ce49a4f6
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d32e6efe1da352df9282e8769be7dd2c1630b30f5e168010d6824a1055dee55
1f44e9fc3fd437708cb15104fb2bf44eb493003847a0eb2862aa15bba439cf63
2285484070a3565f8f1c5657521163294178999c9bf004e774fcf7d491776657
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
23c0556d3e4ee87daf59504841f94f467996496782b5e7d60da069181ccd02ad
25ecc29bd894d14aefbaa397505076f2989875149d1730a8c7b014d714dd8ce2
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
288501f8b9d4de0d43d1cd85d582d0f63612cc53dbce9663e42fd039550eaf58
2babad32e124615c3cb67966dd65360024e74fc00aeb96dd2f22eb0a95211a2a
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4
33a5c68fb1130aa7ecae696f94a5b4e31f4e6b87c369080a094556b376d694d3
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
369a6df3e18b8e561053fdb248d70c23ac8c3842a5f795d2a9d3292891043894
39c752717c6618d660c98c2f1aaa097ad8b7ee7bf3ce16f284a7c9b1009850fe
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
43e07a3c03e67f1e83d5e5bd7e476215dda917eb601f87c5f3d09b966159be41
44108a8dc7b52da438d3b1655188863a84f2d21a029719879f5899dbba6697f3
451eb7c2fc3f17fd7234a9172dcdd9b95767d98145bebded7d366c8ce8526ce6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
54a21333ad7aad5cd5f8c23791930d503a18e6e4ecb9297566f11e6613682559
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
61595e7e3de6ff0c94157a7782af57f1d0d0f6ac84bd4bb53a6c219427348760
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fc0e5d2e33810a3356e5590beb82473348368d48e2ead41371bb7bdc7bcd68
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
670d84d462cd09b62f679048163d7a4a811c95c62e90261cfef22b8baeb891bd
6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3
6b8bdccffc2e33e37900a181bfad479783315cf9c329eeeaad2370c4cd7c2f51
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
71c9f1583a1a94b8a83d506514a0148091d90a3b03060023a86ee87503637282
772ef9a3aeccda950aa61d162e8b5c72a8586e193fd1c61454937013383fdb92
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
885191ca01c508f7bef9bae610662414b50d0ea463c2dd14f5cdd941a781dd78
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d4307104e0303e34e8e9cb0d569e9b1b2f09b5d7bbfab670461f957e8c7efe3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e224966210917d8d56eafb234923d3c094c9176055ba209f859208376825180
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ee10ccd9a93c142b161a6507a9f23cfcd9e279f6b6ae77f35c2fa5ad1d32deb
9ff43b97e69a794f85dfcf2b981443c5657fe978fb43f5bb4787793b9d3a1ab2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a18ad459290eb68105bb8d27dc3d4473883401dd85102db59a07c7ed48c5c7ec
a2db3a108b27ca0b5f0444a46e3462472dfb49e3e2a98e6a00e0e985f4817310
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a921e165669d51c0b581acdb4ab7e3887df67eef1f48809a295818648aefac9e
aa4a257ca69f8db5f5477afc2d5c8284ae8d6fa52a8bd7aebfcd7369264f159e
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae388e90d1d107bada200f4a5aed66e979bc034fa6ebe7c45aa3fbecdcde0e09
ae86e060489a4d03d69290a066dd35500dce3eac8ecd484bce815f791deefbe7
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b31c49facd821a229221d04676a760badcdb8b98a1fa4acdcd0252e4b370b633
b81f086d09f3dda8a72d832ae75549fe609d965527ae3d5682aac395c7ab205e
b9e85d0c7453955051d39d63f3f0f35eccb9fcf3ca65023441c2c949466e135c
c21269b18f8c76740a71759fdd6ab0041b63857c1955ad6761d930f4a5000003
c8615e326d4c95779a3e715c06e4ca263897cbcc5c74e665dc14c82d33c2687e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cacbe8d075be5b96af1d81fa4753efcb5fdf25ae5acfbf8b6fe16fba1197eace
cc8ac71c1f2bc81aeb2c6be92bbf8a50a64d7f7357f25f9dee8d75ffb5ba1655
cdbff30a354c2d5c9da31c99ae788988d00c4c0467de850f13da6f0016796ec9
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da25b533b1b3565ef1463a11bcd513d1bcbecb0730317464b80761911475f81e
da664629253dbbd7a5261262a6e63f2b0108ab32eadebc8707be53622e0bb7e8
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dcd480e56c9da9de1cadb95971265cff3320fcc900d00c3a199ff141132d757e
dd2db56f58de72cabd6c091404572b2500378bec771ee08873052fe45e615cb6
de603f0d1ad5e210f31eb70b0362301c363a312bf47391ff728c50a533e95fa4
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e31335460f6af889baff20bbe814999bd158feb6dae84b21aff7952b19957b73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c32fc91e136dbde9fcbb1bca2981a85fdf49c6fbfb9fe133941bfb70f5b3da
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
eb781db79756e57eb7bc118b50bae77cbd0376cd76ded38c9f64bb6a9b278d37
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ee91b2d0975876da0981cade689a3577c943deee498f62bada6a65a630aa703a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f9745204b149018038eea70f8382231f701e70a6ae1f9faffc9ae80bcb8d3572
fb97c02d6c3deaf67cb0ab53901035277ec797182845432d6e6d1ef39409c978
fdc96ffbf256523aec8846ae56321053c7ab751c99eb766e6bb4a7d362a4f060
ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107

www.thecrimson.com Open in urlscan Pro 52.222.214.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

194 Requests

88 %HTTPS

43 %IPv6

52 Domains

70 Subdomains

47 IPs

8 Countries

3993 kBTransfer

6789 kBSize

55 Cookies

4 Outgoing links

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thecrimson.com Open in urlscan Pro
52.222.214.30 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

88 %
HTTPS

43 %
IPv6

52
Domains

70
Subdomains

47
IPs

8
Countries

3993 kB
Transfer

6789 kB
Size

55
Cookies

194 HTTP transactions
3 data transactions