urlscan.io logo urlscan.io
SecurityTrails logo

nets4.com Open in urlscan Pro
188.114.96.7  Public Scan

Go To Rescan Add Verdict Report
URL: https://nets4.com/domain/gdrfirm.com
Submission: On March 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 9 countries across 36 domains to perform 282 HTTP transactions. The main IP is 188.114.96.7, located in Medellín, Colombia and belongs to CLOUDFLARENET, US. The main domain is nets4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.
This is the only time nets4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 188.114.96.7 13335 (CLOUDFLAR...)
11 104.16.18.94 13335 (CLOUDFLAR...)
3 13.32.99.54 16509 (AMAZON-02)
1 15 142.250.186.164 15169 (GOOGLE)
1 172.64.156.26 13335 (CLOUDFLAR...)
2 172.217.16.142 15169 (GOOGLE)
1 40.90.65.22 8075 (MICROSOFT...)
4 40.76.174.66 8075 (MICROSOFT...)
25 3.94.45.13 14618 (AMAZON-AES)
2 104.22.71.197 13335 (CLOUDFLAR...)
3 151.101.2.137 54113 (FASTLY)
2 151.101.130.137 54113 (FASTLY)
3 151.101.66.137 54113 (FASTLY)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 13.107.21.200 8068 (MICROSOFT...)
5 142.250.185.99 15169 (GOOGLE)
2 104.18.47.230 13335 (CLOUDFLAR...)
1 29 142.250.184.226 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
29 142.250.185.162 15169 (GOOGLE)
7 172.217.16.129 15169 (GOOGLE)
5 142.250.185.226 15169 (GOOGLE)
34 142.250.186.129 15169 (GOOGLE)
2 104.19.136.78 13335 (CLOUDFLAR...)
1 1 104.19.134.78 13335 (CLOUDFLAR...)
2 172.217.31.3 15169 (GOOGLE)
15 142.250.186.161 15169 (GOOGLE)
4 142.250.184.202 15169 (GOOGLE)
3 37.157.2.235 198622 (ADFORM)
6 142.250.185.131 15169 (GOOGLE)
2 2.16.186.155 20940 (AKAMAI-ASN1)
7 104.26.11.209 13335 (CLOUDFLAR...)
9 89.163.211.233 24961 (MYLOC-AS ...)
1 2 46.228.164.11 56396 (AMOBEE)
2 2 18.194.22.119 16509 (AMAZON-02)
2 2 213.155.156.166 1299 (TWELVE99 ...)
1 1 37.157.4.40 198622 (ADFORM)
2 2 192.82.242.209 62713 (AS-PUBMATIC)
1 142.250.186.102 15169 (GOOGLE)
2 89.163.211.242 24961 (MYLOC-AS ...)
1 78.46.23.46 24940 (HETZNER-AS)
1 5 116.202.48.214 24940 (HETZNER-AS)
5 6 104.111.239.217 16625 (AKAMAI-AS)
1 104.18.126.5 13335 (CLOUDFLAR...)
1 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 54.76.176.197 16509 (AMAZON-02)
2 88.99.65.215 24940 (HETZNER-AS)
1 185.85.15.31 200107 (KL-EXT)
1 178.79.242.245 22822 (LLNW)
282 45
30    188.114.96.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)
nets4.com
img.nets4.com
s0.nets4.com
11    104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    13.32.99.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-54.fra60.r.cloudfront.net
cdn.purpleads.io
15    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
1    172.64.156.26 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net
www.google-analytics.com
1    40.90.65.22 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
d.clarity.ms
25    3.94.45.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-45-13.compute-1.amazonaws.com
api.purpleads.io
2    104.22.71.197 (None, )

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
3    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
a.tile.openstreetmap.org
2    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
b.tile.openstreetmap.org
3    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
c.tile.openstreetmap.org
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
5    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.gstatic.com
2    104.18.47.230 (None, )

ASN13335 (CLOUDFLARENET, US)
cloudflareinsights.com
29    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
cm.g.doubleclick.net
1    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
adservice.google.de
29    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
adservice.google.com
pagead2.googlesyndication.com
7    172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f129.1e100.net
15d2721b4356df5d408ddc6afff95263.safeframe.googlesyndication.com
1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com
6578c7cbbd643ec253570b8b21f7c149.safeframe.googlesyndication.com
68e54b47a04210e958fb01baedc40a87.safeframe.googlesyndication.com
6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
5    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
adservice.google.de
googleads.g.doubleclick.net
34    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
tpc.googlesyndication.com
2    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
2    172.217.31.3 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg12s38-in-f3.1e100.net
csi.gstatic.com
15    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
cdn.ampproject.org
4    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
3    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
6    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
2    2.16.186.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-155.deploy.static.akamaitechnologies.com
s1.adform.net
7    104.26.11.209 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
9    89.163.211.233 (Dortmund, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
brain.rvty.net
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    18.194.22.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-22-119.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
1    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    192.82.242.209 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
s0.2mdn.net
2    89.163.211.242 (Dortmund, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
cdn.rvty.net
1    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
ad.ad-srv.net
5    116.202.48.214 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de
ad13.ad-srv.net
6    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
1    104.18.126.5 (None, )

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
2    88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de
cdn.contentspread.net
1    185.85.15.31 (Germany)

ASN200107 (KL-EXT, CH)
media.kaspersky.com
1    178.79.242.245 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-245.fra.llnw.net
asset.conrad.com
Apex Domain
Subdomains		 Transfer
65 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
15d2721b4356df5d408ddc6afff95263.safeframe.googlesyndication.com
1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
6578c7cbbd643ec253570b8b21f7c149.safeframe.googlesyndication.com
68e54b47a04210e958fb01baedc40a87.safeframe.googlesyndication.com
6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
266 KB
30 nets4.com
nets4.com
img.nets4.com
s0.nets4.com
202 KB
28 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
836 KB
28 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 176762
api.purpleads.io — Cisco Umbrella Rank: 157725
45 KB
20 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
28 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
332 KB
13 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
600 KB
11 rvty.net
brain.rvty.net — Cisco Umbrella Rank: 68665
cdn.rvty.net — Cisco Umbrella Rank: 260426
98 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
271 KB
8 openstreetmap.org
a.tile.openstreetmap.org — Cisco Umbrella Rank: 13366
b.tile.openstreetmap.org — Cisco Umbrella Rank: 13554
c.tile.openstreetmap.org — Cisco Umbrella Rank: 13588
45 KB
7 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1742
as.ad4m.at — Cisco Umbrella Rank: 2174
assets.ad4m.at — Cisco Umbrella Rank: 32740
41 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 916
d.clarity.ms — Cisco Umbrella Rank: 1873
c.clarity.ms — Cisco Umbrella Rank: 547
25 KB
6 ad-srv.net
ad.ad-srv.net — Cisco Umbrella Rank: 33086
ad13.ad-srv.net — Cisco Umbrella Rank: 220648
16 KB
6 adform.net
track.adform.net — Cisco Umbrella Rank: 3334
s1.adform.net — Cisco Umbrella Rank: 8028
c1.adform.net — Cisco Umbrella Rank: 524
38 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
1 KB
4 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13937
3 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
3 mgid.com
s-img.mgid.com — Cisco Umbrella Rank: 7801
c.mgid.com — Cisco Umbrella Rank: 6428
23 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1207
cloudflareinsights.com — Cisco Umbrella Rank: 1193
5 KB
2 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 45661
5 KB
2 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 18649
1 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 571
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4364
722 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 690
r.turn.com — Cisco Umbrella Rank: 2672
869 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
71 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3666
34 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 conrad.com
asset.conrad.com — Cisco Umbrella Rank: 66381
15 KB
1 kaspersky.com
media.kaspersky.com — Cisco Umbrella Rank: 98638
12 KB
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 64653
14 KB
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 39676
627 B
1 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 39406
1 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 55516
728 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
577 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
553 B
282 36
Domain Requested by
34 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
nets4.com
cdn.ampproject.org
6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
25 api.purpleads.io cdn.purpleads.io
nets4.com
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
nets4.com
tpc.googlesyndication.com
6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
www.googletagservices.com
21 securepubads.g.doubleclick.net cdn.purpleads.io
securepubads.g.doubleclick.net
nets4.com
16 img.nets4.com nets4.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
15 www.google.com 1 redirects nets4.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
11 cdnjs.cloudflare.com nets4.com
cdnjs.cloudflare.com
11 nets4.com nets4.com
9 brain.rvty.net 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
cdn.rvty.net
6 cm.g.doubleclick.net 1 redirects 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
5 ad13.ad-srv.net 1 redirects brain.rvty.net
ad13.ad-srv.net
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
5 www.gstatic.com www.google.com
4 www.awin1.com 3 redirects ad13.ad-srv.net
4 ad4m.at s1.adform.net
ad4m.at
4 fonts.googleapis.com securepubads.g.doubleclick.net
cdn.purpleads.io
4 d.clarity.ms www.clarity.ms
d.clarity.ms
3 track.adform.net nets4.com
s1.adform.net
3 c.tile.openstreetmap.org
3 a.tile.openstreetmap.org
3 cdn.purpleads.io nets4.com
3 s0.nets4.com nets4.com
2 cdn.contentspread.net ad13.ad-srv.net
2 www.zenaps.com 2 redirects
2 cdn.rvty.net brain.rvty.net
cdn.rvty.net
2 image6.pubmatic.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pm.w55c.net 2 redirects
2 as.ad4m.at ad4m.at
as.ad4m.at
2 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 s1.adform.net track.adform.net
s1.adform.net
2 www.googletagservices.com nets4.com
6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
2 csi.gstatic.com securepubads.g.doubleclick.net
cdn.ampproject.org
2 s-img.mgid.com nets4.com
2 1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cloudflareinsights.com static.cloudflareinsights.com
2 c.clarity.ms 1 redirects
2 b.tile.openstreetmap.org
2 static.addtoany.com nets4.com
2 www.google-analytics.com nets4.com
www.google-analytics.com
1 asset.conrad.com ad13.ad-srv.net
1 media.kaspersky.com ad13.ad-srv.net
1 ad-server.eu brain.rvty.net
1 pb.media01.eu pv.medialead.de
1 pv.medialead.de ad13.ad-srv.net
1 www.conrad.de ad13.ad-srv.net
1 ad.ad-srv.net brain.rvty.net
1 s0.2mdn.net 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
1 c1.adform.net 1 redirects
1 r.turn.com 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 assets.ad4m.at as.ad4m.at
1 googleads.g.doubleclick.net nets4.com
1 68e54b47a04210e958fb01baedc40a87.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 6578c7cbbd643ec253570b8b21f7c149.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.mgid.com 1 redirects
1 15d2721b4356df5d408ddc6afff95263.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.bing.com 1 redirects
1 www.clarity.ms nets4.com
1 static.cloudflareinsights.com nets4.com
282 63

This site contains links to these domains. Also see Links.

Domain
blog.nets4.com
link.nets4.com
gdrfirm.com
leafletjs.com
www.openstreetmap.org
www.addtoany.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-29 -
2022-04-28		 a year crt.sh
*.purpleads.io
Amazon		 2021-12-01 -
2022-12-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.tile.openstreetmap.org
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.rvty.net
Sectigo RSA Domain Validation Secure Server CA		 2021-09-05 -
2022-10-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
ad-srv.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
www.conrad.de
Cloudflare Inc ECC CA-3		 2021-05-17 -
2022-05-16		 a year crt.sh
pv.medialead.de
R3		 2022-02-20 -
2022-05-21		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
ad-server.eu
R3		 2022-02-13 -
2022-05-14		 3 months crt.sh
contentspread.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh

This page contains 40 frames:

Primary Page: https://nets4.com/domain/gdrfirm.com
Frame ID: 1753B43B6DA2A3C639F816A25F5D72EF
Requests: 78 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 88CDB8B4D2CD0BDE3FBB87CA74C5820A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=61g14b41i3v0
Frame ID: 477250D713841C35A8D16D0AAE3D4717
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Frame ID: FCB7C77E3B887DD65EB21C315A29C77E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B05D5E090D28ACDD293763EBC9AEE748
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A56433C25E7E85B67153BFD0E20C1C23
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 510D4643A7071C2CAA424CFDC7646C10
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: EB53599710B261FFDE1BFEEFA04CF3D2
Requests: 11 HTTP requests in this frame

Frame: https://15d2721b4356df5d408ddc6afff95263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3FCC2C5FF7E0E23401174B715E49D7C9
Requests: 1 HTTP requests in this frame

Frame: https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E264EEA69F1E224F55731DCB621A22D0
Requests: 1 HTTP requests in this frame

Frame: https://s-img.mgid.com/g/11533297/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzg5MWI1MzA3M2Q2OGUyODAzMGY1M2FhMjViNzhhOTEuanBlZw.webp?v=1647560836-gKJyjsJo9Lpg4IW4n_YaqmZecteQ-hV__VfWoCOGnGY
Frame ID: 77D2AA8B82A41A4F9CC8CECDD1715963
Requests: 3 HTTP requests in this frame

Frame: https://6578c7cbbd643ec253570b8b21f7c149.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7931A19AA270DC6A38A05C4471BEDDF8
Requests: 1 HTTP requests in this frame

Frame: https://68e54b47a04210e958fb01baedc40a87.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CD521FD9DAD3E393E4EBDD16A7C04A36
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 066FBE267C08F78B2656D0162B1FF5E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F5C87DF62648AA41E08CB2FA06836B8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01F65892B8A7356DF1968F07F6DC2A1A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 71D7179196C4A5C3DAE4CB9997263FA7
Requests: 2 HTTP requests in this frame

Frame: https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D5F26E7436F7F8C12518D8FC2A784566
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 24FD0A4124A388C4AC06B4061C90710A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 532630E5919D81BDB194BCE19788760F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73AC9A9E959620A5CE0DA80217589E44
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F7005283C26BAF8FFDEDAB4D85BD3210
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032203150226000/amp4ads-v0.mjs
Frame ID: 0AC7E5BB5F9FAB6089232D37C5A55AB3
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChcDZhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwAJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj1vZA09YtxgDsWzHk57paQTPgu3CGcP5M78dKUpZbdFcdr9YBsdguAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTQxMzMyOTU0NDA0MDk0NxjBjHQ&sigh=DiFcqiKhxDU&uach_m=[UACH]&cid=CAQSLgCNIrLMT50C00XANVbiVpjALbqil-6_cSdcVOMnKARd8HgQil8eUOJsgltX8q4YAQ
Frame ID: BB0C65FEA34C1AA53BDC52A30DEF935B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: FA0BA991C63AA72651AC0524D6C5192C
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: 20F7405B6AF53217D22CDF1B21C7F00E
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: 9AA8E4561AE6A560BD9C2B88E3C17C3F
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7A1A21306D08FE87161170DA35A90614
Requests: 1 HTTP requests in this frame

Frame: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CE2D65678469C3D46DBF6133DECEA51D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=164567&b=m39hefx6V2FDBk3UmH8tjHzt2j8SDTwTbpFA&f=7Q4sqfJZQ1aZB47FrH6tqHECrXbcGT1TeBsM&c=300&d=50&e=OolEng4L_lusx6rDU-_eKr32sZM3OToa&g=90fffc08a3cb8bcd0a5cefd54f763700%2F8012973873249129233&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647560838122&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCiGmUhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwwJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj0tZiyv_2DfM0gMBOKpsAzpPh-9pW0h_HZGvrCBlRpbXcJi-bwgD2u1ZuAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2q5YmPfFCKpCmp61BVuKha454Fgg%26client%3Dca-pub-5413329544040947%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516437%3Bcrtbwp%3DYjPIhQAAVbEH_ZYKAAhSOysg_DA06Xuf1YxNJQ%3Bcrtbdata%3DjMNqeDmYZHgIk9qdCCgtc9qvyE9AGVDLhDPwpeeSDH60KFzw_Ga9MgL3A9aIACnCkzVso3BR7Lo2kfoM_TuyM2JKPWuLIq4KTwRQbOu329qag0nNn_TStNUtcbwk_EEt1ze_K0M1yVMAlSmKr0WpCxzqDCQv8EFw3xnkH6EPWp0LH1JAjXHfvHLKO70OaRj3qX_8TG3jcqB_ppLmovDQxTBiUvPiwFaXzzfDXRik1uTyzrZ0YIaR6wvpS6diP-Uea0PWi1yik87JmznXDEs5eLSHwVdZtoIoJHDuC3BYyXOQ__shu12iERMmgpn_XCjFQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3D_BodCXuBvX-CnyoDaqEmOhKhCcOyBLaCmjzxfh41Hvce_12Ggyl5RYMI44uQEshf0EL03mbyTNXB81ifIhuSCY3scUm5kCP3a7iCPj1oc7rTxbyfjJ0aoxDy8biJvemqF88uCtR-ZnnHoFEk39kKgMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fnets4.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: F48E9E76EC61D4F6FEE76BAC36B13B74
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D1A98EE22B02D74CA1E9EDB3C3D4C513
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16754A739FEA32A439D4951881E177EF
Requests: 2 HTTP requests in this frame

Frame: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E299C7469201C7676ADA533904A78C4E
Requests: 9 HTTP requests in this frame

Frame: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Frame ID: 5FA6E408D6F8A8EF9EDE16969C2604DD
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BC397D516234BF2431E5173DA6308F32
Requests: 9 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2548147&v=14098&q=379099&r=278235&pv=1&pref1=43017500005044800906793011902013&gdpr=&gdpr_consent=
Frame ID: D662EE4389E8CEE3C227E61DCE60944B
Requests: 1 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_278235_1647560838_94d49d91-a64c-11ec-81bc-2262d3a2196d&insert=AW
Frame ID: 004246AF3C80367137E3255DE1604417
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50149&dt_subid2=43017500005044800906793011902013&actionid=981741&produktid=&dt_url=
Frame ID: B6FA213321561445EAAB04AC3EE88FB4
Requests: 1 HTTP requests in this frame

Frame: https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
Frame ID: F3A286924EBE66B96EA9B4956065C9B6
Requests: 7 HTTP requests in this frame

Frame: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Frame ID: 837AE564CE6360A80E35F48EF342C447
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gdrfirm domain statistics - Gdrfirm.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • leaflet.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

282
Requests

96 %
HTTPS

0 %
IPv6

36
Domains

63
Subdomains

45
IPs

9
Countries

3045 kB
Transfer

7649 kB
Size

41
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=E9979E27FF2C4F5BA843D6B33BF46C62&RedC=c.clarity.ms&MXFR=1671A1470D816A491742B02D09816438 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=E9979E27FF2C4F5BA843D6B33BF46C62&MUID=065D1B68752962CF0DAF0A0274426355
Request Chain 107
  • https://c.mgid.com/c?pv=2&v=0|0|0|5a-ANozBrvcw5IAqK6IFO4K9lHMIAFZuH-8rwRLxfh0uad16u1yDnBYxLOCzUKBY&cid=1221081&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=93cd9879-a64c-11ec-9ac2-e4434b151356&psid=608532c2eac0e20ce6d36538&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzExNTMzMjk3LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2QxODVOakF2YUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakV0TVRBdk1UQXhPVEkwTHpjNE9URmlOVE13TnpOa05qaGxNamd3TXpCbU5UTmhZVEkxWWpjNFlUa3hMbXB3WldjLndlYnA_dj0xNjQ3NTYwODM2LTFHN1l3d1RKM1dJdldQOFFXdHFWUlBsZ3d6UElkWEV5T1JFTFBmdlg0cVU= HTTP 301
  • https://s-img.mgid.com/g/11533297/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvMTAxOTI0Lzc4OTFiNTMwNzNkNjhlMjgwMzBmNTNhYTI1Yjc4YTkxLmpwZWc.webp?v=1647560836-1G7YwwTJ3WIvWP8QWtqVRPlgwzPIdXEyORELPfvX4qU
Request Chain 206
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 248
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA1qVv8sQYolXAl4rwKlYJM&google_cver=1&google_push=AYg5qPL-Z-7f6Jhh827D8-6kNEXHZki3e53dOQdMOZTrX437qcTnVO-lZDDD5S6HZ8iOoYxeujj6Vl-Ceb80bT7mJEecRbiqBkh7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAyMzA1MTYxNTAwODI3MTc0Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA1qVv8sQYolXAl4rwKlYJM&google_cver=1
Request Chain 249
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIxpZsq9-9qEpLDAkUqipaw&google_cver=1&google_push=AYg5qPKOajbofl16mt_1i5XMzTm7c9XyW3gLta9QJJjScu82rvKSzIsR3OTIP4ke76qxmj6b1YW4Ut_Nb1KoMiKEOpz4wxuiQYY HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIxpZsq9-9qEpLDAkUqipaw&google_cver=1&google_push=AYg5qPKOajbofl16mt_1i5XMzTm7c9XyW3gLta9QJJjScu82rvKSzIsR3OTIP4ke76qxmj6b1YW4Ut_Nb1KoMiKEOpz4wxuiQYY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aU1ZVkE0eXIxTnVaUFU1&google_gid=CAESEIxpZsq9-9qEpLDAkUqipaw&google_cver=1&google_push=AYg5qPKOajbofl16mt_1i5XMzTm7c9XyW3gLta9QJJjScu82rvKSzIsR3OTIP4ke76qxmj6b1YW4Ut_Nb1KoMiKEOpz4wxuiQYY
Request Chain 250
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECvmQd_iuynAEeVPNlUDyB4&google_cver=1&google_push=AYg5qPJ9o8TWn2Gj3wUnY3axc2ZSTrwMozCGmwp-7LVECTxs4lxr8BkfKu_DADX6wRGNCjbqu0TiYomY8HKudIAm_K9EBbagK-G6 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECvmQd_iuynAEeVPNlUDyB4&google_cver=1&google_push=AYg5qPJ9o8TWn2Gj3wUnY3axc2ZSTrwMozCGmwp-7LVECTxs4lxr8BkfKu_DADX6wRGNCjbqu0TiYomY8HKudIAm_K9EBbagK-G6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ9o8TWn2Gj3wUnY3axc2ZSTrwMozCGmwp-7LVECTxs4lxr8BkfKu_DADX6wRGNCjbqu0TiYomY8HKudIAm_K9EBbagK-G6
Request Chain 251
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPGRv5b04b9ziu9LeHnIJjc&google_cver=1&google_push=AYg5qPK6N-N9V2Co1PcnPsVmB0-N98VqvrvAmQeERERGD0zU3NbwWn5nkuAdrhUiYeKyV-WwHnzj-CqK1NOscdRV7JXMSN7qV-2j HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY5MzI1NjUyOTg2NDU2ODUzMg&google_push=AYg5qPK6N-N9V2Co1PcnPsVmB0-N98VqvrvAmQeERERGD0zU3NbwWn5nkuAdrhUiYeKyV-WwHnzj-CqK1NOscdRV7JXMSN7qV-2j
Request Chain 252
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIjZ_qdsapERpU9TKuCea0M&google_cver=1&google_push=AYg5qPJ_6uCRIbi0uv68eOzlegRYgqWFOUaXSNRDhC7hx5WIn47GnPhn_GGWNUajoOqhsqJdTFJKLtFXElAEWw3AnYQIi9zWg4OP HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIjZ_qdsapERpU9TKuCea0M&google_cver=1&google_push=AYg5qPJ_6uCRIbi0uv68eOzlegRYgqWFOUaXSNRDhC7hx5WIn47GnPhn_GGWNUajoOqhsqJdTFJKLtFXElAEWw3AnYQIi9zWg4OP&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJ6qctR6T5OHYnV6j-IesA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ_6uCRIbi0uv68eOzlegRYgqWFOUaXSNRDhC7hx5WIn47GnPhn_GGWNUajoOqhsqJdTFJKLtFXElAEWw3AnYQIi9zWg4OP
Request Chain 253
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4&google_cver=1&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4
Request Chain 260
  • https://ad13.ad-srv.net/request.php?zone=2mxc7hyuwk9b&nw=14&renderingType=javascript&namespace=cdc5a7ffdd&subid=&uid=31c631295af670d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195234%2526t%253D1647560838319%2526l%253D-873437515%2526p%253D3%2526appid%253D%2526aa%253D6233c886-0002-2b70-08bb-c04dcd0e909b%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6003674062224&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://ad13.ad-srv.net/request.php?zone=2mxc7hyuwk9b&nw=14&renderingType=javascript&namespace=cdc5a7ffdd&subid=&uid=31c631295af670d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195234%2526t%253D1647560838319%2526l%253D-873437515%2526p%253D3%2526appid%253D%2526aa%253D6233c886-0002-2b70-08bb-c04dcd0e909b%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6003674062224&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 265
  • https://www.awin1.com/cshow.php?s=2470167&v=11354&q=371933&r=278235&pv=1&pref1=43017500005044800906793011902013&gdpr=&gdpr_consent= HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=94d49d91-a64c-11ec-81bc-2262d3a2196d&v=11354&r=278235&q=371933&s=2470167&viewref=43017500005044800906793011902013&pv=1&gdpr=&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_278235_1647560838_94d49d91-a64c-11ec-81bc-2262d3a2196d&insert=AW
Request Chain 273
  • https://www.awin1.com/cshow.php?s=2548147&v=14098&q=379099&r=278235&pv=0&pref1=43017500005044800906793011902013&gdpr=&gdpr_consent= HTTP 302
  • https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x60.png
Request Chain 274
  • https://www.awin1.com/cshow.php?s=2470167&v=11354&q=371933&r=278235&pref1=43017500005044800906793011902013&gdpr=&gdpr_consent= HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=94e71421-a64c-11ec-81bc-2262d3a2196d&v=11354&r=278235&q=371933&s=2470167&viewref=43017500005044800906793011902013&gdpr=&gdpr_consent= HTTP 302
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_120x60?format=gif

282 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gdrfirm.com
nets4.com/domain/ 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
794ee14dd1db8efdba58a0b36251f57ea388d10afbea1b33bed23f450d6caa45

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-type
text/html; charset=UTF-8
cf-ray
6ed99cd07e429007-FRA
cache-control
public, max-age=86400, proxy-revalidate
last-modified
Thu, 17 Mar 2022 23:47:15 GMT
vary
Accept-Encoding
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Vz3bkxnvN6JDC5jiYDmREuUPqtVj6BA7%2Ft5sUpmPzPcRcLlVVNzeztacSNDwjvH02f7GLByCVK8IoIaqAL4GPWxkvHDhvUNae0ZeYrlK4i39sMAvcOLSCCMU2U%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
awkqrI1qzYcE0gTfW6uXyLl_1bA.js
nets4.com/cdn-cgi/apps/head/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/gdrfirm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4466488
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BY6CAZDM09BG4BCW
x-amz-id-2
ehIXWVY/ZUF5Ooi83TSBV1+KlYYK1I/8tpZOmWF/sUwesuxopnAJy2SIiernsJLpc1vgoFVbpXM=
last-modified
Fri, 10 Dec 2021 11:06:12 GMT
server
cloudflare
etag
W/"e951628ea64bbeadb19c6d855ca98c7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWWlY4nVTQBebA8ZKqx%2BjJaz0Rq%2FmiyO%2FtDdyu%2FHT4pBMK6EEIg4tOuQFIGQNPPPvzsy3bEOcbrz1jTlfpVjH5gflzhRDKIIu9hFsao97FxcdFjXIeVB1Qgpj5k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7KspX51u1Msx7FcOmJWweyW7FbGqzJNg
cf-ray
6ed99cd49b209007-FRA
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/ 		157 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1829970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17620
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-44d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4u1lI8MBy%2BjUlhbgJti0Mnb%2FLRvjZZEtPMbZRiwTvfu7aAXWycWQXyyokMcOrsL9dGVxP7fK6VgLnm8Sjqk0hsjBOII00ER7mmJ82sc%2BonXjd%2Bvegbqwfa2C748WygloNFHlH1KY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cd4b8eb9042-FRA
expires
Tue, 07 Mar 2023 23:47:15 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
265017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXdBCwyB4S%2B6Ju10kT8rQA%2B8IkDpfulv1fT90Y%2B261%2BD4QwF9ZIsppQxP5WzjPNxUPMEUh0sGERMyc80q9UkEsG%2B9L2TPHrHP4az%2Bdpeb%2FobwqX9fMsw4%2BU1nB0U4nMrEYdGF%2BUG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cd4b8ed9042-FRA
expires
Tue, 07 Mar 2023 23:47:15 GMT
style.css
nets4.com/assets/css/ 		345 B
560 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nets4.com/assets/css/style.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/gdrfirm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4670
cf-polished
origSize=451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 01 Nov 2021 12:55:19 GMT
server
cloudflare
etag
W/"617fe3b7-1c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CSusx1LgCaSuhDVpbOo27auuRmUEVDr4jBodqm0%2BCnt7ui3HVPdPCfP3eiqrxBve067FHEv%2FEHxD9Nny0KxK1VaKw19%2B7DqahDz6DEJ5TT0ChlDwekqiwpA1fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
6ed99cd49b219007-FRA
cf-bgj
minify
invisible.js
nets4.com/cdn-cgi/challenge-platform/h/b/scripts/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647558000
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb04b2db485641ae128456f8d68f248f797b624e9803f32884fe1f3b7f1d5beb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/gdrfirm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHgq1saoULmtX073g1Z0tG0RSgoFE9DStt8XFLev0sobZJpJ3UrfKcog37mFvLTkitSj48n7V%2F%2B2g8WWU%2B3PO2Wark99bk9Ic4d8cdwCrsdmWOtfgaBBHtyZ0yk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ed99cd4bae29c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Th69y9F.png
img.nets4.com/img/i.imgur.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/Th69y9F.png?w=120&h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4466343
cf-ray
6ed99cd4bb3d9007-FRA
x-cache
MISS, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3395
x-served-by
cache-sea4480-SEA, cache-fra19175-FRA
server
cloudflare
x-timer
S1643094492.029969,VS0,VE283
etag
W/"6df89d86deba278d112332afb4bb100b1a6165842a7fdb7f78a5a70c7c7218aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1B1cctcamMaPwJjjOKwotD9iGub95ynIrIiVWhu1WZsjIOMOo0M%2BLpzRgayMElxT7gzgLLwZ35MiEvvs2wrUVucQGPAAeqyrYp59Hbzzc%2BMVQkMsO7BkNQmFs1O%2BwVoX"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Th69y9F.png>; rel="canonical"
access-control-expose-headers
*
58T3Wrl.png
img.nets4.com/img/i.imgur.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/58T3Wrl.png?w=20h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4466343
cf-ray
6ed99cd4bb409007-FRA
x-cache
MISS, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1117
x-served-by
cache-sea4474-SEA, cache-fra19183-FRA
server
cloudflare
x-timer
S1643094492.028983,VS0,VE1
etag
W/"86d32e1b83f7c87590ac6aad5f278dca67bb9675a7a7869ed47749c6cf91763d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IhkUVRMYBYmQYRZH9aB%2FavkYmirmeWOVC3%2FV%2FjME4W%2FJ10Ekdy4ir43jgOOmwovx5jtcKifk1nYpNJfRpkBppftD4aciQBS5sge7B%2Bmmww89zFcxBwjnTYyvuyF2JyK"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/58T3Wrl.png>; rel="canonical"
access-control-expose-headers
*
leaflet.min.css
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3645394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2153
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e135-298f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGSpK522X3oB8wDc2kOSpIGMIVvNTaEsYdDddMYN3RUKKQxWFPdIi1viFRnwvz3GeT3LOlNKbH5NdqdxjZDeQHGdflzjaqkasIt3wrydGMms7FUpn2qMhlJ%2FuzCgVk9f%2FX5apbPG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cd4ca955b44-FRA
expires
Tue, 07 Mar 2023 23:47:15 GMT
Zc4iwuj.png
img.nets4.com/img/i.imgur.com/ 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/Zc4iwuj.png?w=15h=15&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4466343
cf-ray
6ed99cd4bb419007-FRA
x-cache
MISS, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
814
x-served-by
cache-sea4422-SEA, cache-fra19147-FRA
server
cloudflare
x-timer
S1643094492.035927,VS0,VE269
etag
W/"ef5e715e8edc5303224592e859bd4f82e513e48ef6932a25dfb6f389dbaed4a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPczFRYfAQJnlZJSJA%2Fkzf%2BXP9V1M1XBW9FIEK64b2hRlRtjY5TQEohejN49qTA%2BZ16hbSaRlE0SwURWsv5b30Qd8Vu7fnE2GpfyHZNcMiApsPTHLoyIMS%2Fjeee%2BRe39"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Zc4iwuj.png>; rel="canonical"
access-control-expose-headers
*
email-decode.min.js
nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/gdrfirm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Mar 2022 18:25:01 GMT
server
cloudflare
etag
W/"622f887d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV1G6d2CtLm%2BS%2BtPvbvNOkDJE6cWml4CggWZeOlus7MCkj04ZMfTmSIiXSmZwDaT%2FsonGfddplvGRPTJI053VLybuS0UIrDZ48JdaU6QyYVNs%2B8o2orAzE1jZcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed99cd4badf9c0d-FRA
vary
Accept-Encoding
expires
Sat, 19 Mar 2022 23:47:15 GMT
rocket-loader.min.js
nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/gdrfirm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Mar 2022 18:25:01 GMT
server
cloudflare
etag
W/"622f887d-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cS17MLgOpOUQA2jzhOmz6js8I0LQIu1ZUTipjnPAK3NLNEB1kDPSpDx1JLSej2iDZmooiiE2IFtMluGNNdrWa%2Bd6Fc9kw8ZFSaVrKhF8DCMyfXtxnBMsN2b7AII%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ed99cd4caea9c0d-FRA
vary
Accept-Encoding
expires
Sat, 19 Mar 2022 23:47:15 GMT
W25b9ht.png
img.nets4.com/img/i.imgur.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/W25b9ht.png?w=40&h=40&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4466336
cf-ray
6ed99cd51b529c0d-FRA
x-cache
HIT, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1574
x-served-by
cache-sea4420-SEA, cache-fra19181-FRA
server
cloudflare
x-timer
S1643094500.716062,VS0,VE220
etag
W/"ee80457266cef4b485c3668cbdd5f67e7ed204e94a46f041afd17fa27c93c945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BanPKT9RHA9Smt0OfAJzb5CtvBwGqj0WswEONq33J9sKtOjtZnkr8GvnWEKXvmT53022yU02FOg4HMq1yJ0Ic2Wr0oGr98y%2FM6e%2B4ygmMydvNmZGIBkPHcIwHBfMlOYs"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/W25b9ht.png>; rel="canonical"
access-control-expose-headers
*
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1737726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn1zD4SitpMtN2IRUVLp0q9lprEHILKiGfaBjMc8ezJSosGqyrXL%2F2aAu17h8%2BIOIiN5mvCCVtBnoCFsK6WPoTePbHAy7hj5tAHUe3bZBHuZSJiZoX%2BOOdv%2B8sKD5Qb6weaHIcPs"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cd53b8e920d-FRA
expires
Tue, 07 Mar 2023 23:47:15 GMT
2110edf9-d900-4c77-82ec-c8baa2642f93.png
s0.nets4.com/s/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/s/2110edf9-d900-4c77-82ec-c8baa2642f93.png?w=500
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e415d9d0616f890ca610ffb19dc36d88549176edf8d00da5540e8670488bc013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41857
x-served-by
cache-sea4431-SEA
timing-allow-origin
*
server
cloudflare
etag
W/"678d26e09c145c7bd7683ef72256e190c5823cc78d1e787d5796a36fc8e3c938"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SAJcwt8CF8t%2BJBa50woIB9O1BYjqd6Ms6nh0oauQoKeNaHwWdkHj2IHW4NnDV%2Fc7Zawy1ZvFxPbo8hOEvpWdRmQG4H7PistnmHnxkLbjIM9z83XAStSh1ivCVCsaTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ed99cd54bc69007-FRA
link
<https://urlscan.io/screenshots/2110edf9-d900-4c77-82ec-c8baa2642f93.png>; rel="canonical"
access-control-expose-headers
*
gdrfirm.com
img.nets4.com/favs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/gdrfirm.com?size=32
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23443ac73d1e6193f8a33c7a6162c3fb1c5b063ac7d9f00aafcdcccd940d9a58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1578
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 23:47:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBFLPIaaAo05nTu5h%2FQxkYl6vYwSRI5v6iuYZJcosipQG4EhjYL4PRWiE6wg22IfcFHaBGtUYawAk%2FkjiYpXx2wdZy4l4pYdJ2w5TLweZflSJvD8hfGNxVmMtXK%2B7NEh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd54b979c0d-FRA
gdrfirm.com
img.nets4.com/favs/ 		650 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/gdrfirm.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02392de3c75234a90f71cafd02963eb202d8ce252e266b09933feaceb636d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
650
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 23:47:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzOsFjbfF9Ms2zkZRs5j6Xc1hcwseG6tF%2FUptnA3fIgeaH4G3mPjjyKKp6iekcwdnfCgnr%2FPEaSRsy1RR2d%2FgGk33igsP68BNcbCCrsnb%2FZIWTmQjq3NX2yokyicrJOD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd54b999c0d-FRA
backlinks-discovery-chart
s0.nets4.com/charts/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/charts/backlinks-discovery-chart?d=gdrfirm.com&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9d3eca43d5f9f485ecbd906dd1f97e63c65d80454b80205e90359e1cccc685
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30787
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltSHlPFqY63oGJ%2BC405Oyr96ByRZutUL%2FuzW%2FHvFWgAjuM3j%2BOW3I%2FOKuYroVqHuI5IAd%2BVrbEvqpdBaThjgyEGPnCwhUQKoPSsbS2290JLssILQ274sr4H7dGdv8%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6ed99cd57c009007-FRA
expires
Thu, 24 Mar 2022 23:47:15 GMT
referring-domains-discovery
s0.nets4.com/charts/ 		31 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/charts/referring-domains-discovery?d=gdrfirm.com&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99c3bb6ca05861635fa2d84e489a2f20ea6f7fd4854b4b2aad2fbd17efed8ce6
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32114
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbC%2BgOCBJgrBbtqeT705huWOOqFAii2op8kxCUsBqVJl2W0KsB%2FTpOqgf6gqa0VyQbXGi4BFBae9VwwoLyesU4iCFBaXAVhxAsal%2BvWmLGpAb30AX0H%2BofL3rwkKM8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6ed99cd57c039007-FRA
expires
Thu, 24 Mar 2022 23:47:15 GMT
ristrutturaconmade.it
img.nets4.com/favs/ 		163 B
685 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/ristrutturaconmade.it?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd48e24d2c40fbc60268830b3ec3d11a7a6c6203d2005835f378c8c2c68b2e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
274
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
163
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 23:42:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6vo3xzJFGxD4%2B6r76EmFpXzubHXbcSV7%2FpqRZdCLOLGyiI495ijXHGdqrIojzLXqTjpjN2PPJUJGg0HDHnwfiSgbR01Jp%2BynokhVDQryfbMqDLJsa9YPK1YufPayp4o"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd56bd09c0d-FRA
ev01.to
img.nets4.com/favs/ 		532 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/ev01.to?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
831638ff326e9da0d644ed8c84a9bd16237c810cd7d6d82a461ff767bcff4dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
364496
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
532
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 18:32:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2SxTCvR8K1jUCP8R%2F2ndtiLOfPltMtVtM2tbOKv6DLSJqpiQ2QI%2FAEkpAq8qjcrkBDZyA7rER%2B4q9A2kEdBSe2ageD1sf1B3XGUTcOGjo2JEM%2FobX%2FuBtZ1BTTN8P41"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd56bd19c0d-FRA
angular-university.io
img.nets4.com/favs/ 		720 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/angular-university.io?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38325612f5fdaaa4dd5ca534a1d5afbf7323ad5c6f3fbca0e9ef247495cc2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8997
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
720
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 21:17:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4Xb7iZuyMcCv%2Bmz3y9a7b0XocUGIoxfpq7q3AFEqWXcL2DuIzWIsOrIZnzp0DAl7nzzEjEByXPtMsmlSV1qczvdnnvZD0TYIyEMsXO4S0xTMtiV7%2BVs7dPbMwqZIIra"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd56bd59c0d-FRA
videoclick.cn
img.nets4.com/favs/ 		70 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/videoclick.cn?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 20:47:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mJ5o4E1SWgIR2xPLSGSyK9AiDZKOD5nN8Z2ywaxRlVS8%2FX7QLgm7lhQl99FqY6j34BU8qnwFtP9rqZERMAafhyduJwoIVy8jf6Ygybim7VMYdDSwWxnatnXbFR715d%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd58bef9c0d-FRA
glader.ru
img.nets4.com/favs/ 		684 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/glader.ru?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5680a47c73d1d095b6efacdfc495f7a2a38f55091ed68a3a2a62a11fdce02fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12962
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
684
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 20:11:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQMYTbnsJup6Un9%2B7DZJijfhyWy%2BK%2BQrwiA%2FTujD72QKdvGpqgkIvvhc0nxGhsUXUL6lFV4EqHNYrXwDoau9PsHmKvbjUtdh3IVPJQGMYs%2Bl1MXcOZTapdHSWEm7%2Fmpp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd58bf19c0d-FRA
moviesjoy.to
img.nets4.com/favs/ 		679 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/moviesjoy.to?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d05a01f1f832a89a1419f229f0ab3c8f8ae8b791f1b24f973bfb3800ae5efec8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8461
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
679
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 21:26:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GllKuYRir1rLAnADpmS3HRK6ItWjXjMF6DOK%2Blvgx5W%2Fw%2Fy5CS9R4opUEDs56elBOKXiZ%2FU0S9hoJ8Hf%2BsmSA5x%2B6LJHM%2Fde892b5u3XUyTpHZu67st5FPR0roZJZbR%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd58bf39c0d-FRA
imoe.org
img.nets4.com/favs/ 		568 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/imoe.org?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f820c33074a8332f0a72349309504670818bc9f8a3f1958ba03bc0cebd5ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
568
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 18:37:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53wa0u5h3TK4P8sloBvr4OQOsk9EN0WZw20uBSMGjBmqJ8RwM3Inpof3JmtPxM2z7rtZIutBTI5vE4hthP%2FjRC0OjdEFHfHpc64nlJK6e2w504uL%2FHsYO34MP%2FRpSmKU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd58bf59c0d-FRA
9anime.to
img.nets4.com/favs/ 		242 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/9anime.to?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fb88e3a2d413c5c0a0294b71e0da34829b2ec9444ba55af7e1d6935a4029a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538904
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
242
x-xss-protection
1; mode=block
last-modified
Fri, 11 Mar 2022 18:05:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOrIXXDpfIyOGShpbYfLQ1YI6Y%2BcutRH%2BvZpkhI0%2BtVX22873W%2FfXadXgYgjEIllJk9b9qKhsM0UwJnSoTYG2XCX4%2FUeVx0sQpStw7NXGWs%2Bct1wXKNBy4RBJuo%2FLxsM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd58bf69c0d-FRA
brainupgrade.in
img.nets4.com/favs/ 		70 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/brainupgrade.in?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37905
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 13:15:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqMDIgJSISFrXYy1IUPhEqj9hYMT5cPJKlwEYzEStb8Y4Cqiwg%2B2gqhGj%2BvLwSAiJQZ7oqZyPDT2IVIgRF88lKESf7T2e0NNKiiUUTI2G8tpKvPAtdEtNAATEuAIeRW%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd58bf79c0d-FRA
acrypto.io
img.nets4.com/favs/ 		598 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/acrypto.io?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c9a12b774a3fd7b6193ed3bbff67e99545affb93f0127463320f977469771b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37905
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
598
x-xss-protection
1; mode=block
last-modified
Thu, 17 Mar 2022 13:15:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfFGUmKjPxEl%2FfXR1aWxq3NtK3QCScuTqlYc3usWw1MBuPJQpfPgaXjcDT%2BI8lQhee43kaegskPB3LNuWYZF%2Fyke0BF1ybUS7GEydrtgeIPMBLGBtSXNgMypC0BnT5D0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ed99cd58bf89c0d-FRA
gdrfirm.com
nets4.com/domain/ 		15 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nets4.com/domain/gdrfirm.com
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://nets4.com/domain/gdrfirm.com
ts-request-embed-key
d9f356b8-dc97-48f3-b28a-f5aa0092e02d:53fb39389920be86891e0f3999ea66a36d6a4f98dada2e95b187f6e17669f06c
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIV53XSycSuuO76EA1wjRfaJSUF3pvJsfBlEzCMD%2FkF1FC77aaJIy2eF592KMrOPZKmsq2yxXS7g2m6yZyrsxAQm%2FsUsK%2BD1NUufXaBaOHNeODwk0nlmqiJyWxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store
cf-ray
6ed99cd58bfa9c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
leaflet.js
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 		139 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
266016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35659
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-22a75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhYwSh64wUVmA8mcvE4gqe82Zw2WTB7xMSOL%2Bwh52mz0urKo%2FcwfV%2FCBYlTHvwN6UJyxnbZCWG2Cz6tj1DCtX8IRvLhHZxy6FLVtJZ3IGwX30mEuHhd%2B3FklGkcNyOMLtuunyVnN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cd58be1920d-FRA
expires
Tue, 07 Mar 2023 23:47:15 GMT
agent.js
cdn.purpleads.io/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:36:56 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 09:36:51 GMT
server
AmazonS3
age
51020
etag
"6b17cf687f43a8f73178a58f89d7d60e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
10487
x-amz-cf-id
-LMLPOHwijObCT3Ec-dDExkXssJ31oz3kBcFD8IPn1-_33vkQi_0Cg==
sharebutton.js
nets4.com/assets/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/assets/js/sharebutton.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/gdrfirm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1981
cf-polished
origSize=120806
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 03 Jul 2021 07:08:27 GMT
server
cloudflare
etag
W/"60e00ceb-1d7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20o%2FlT9VFee36a3ZEBIwI66NVWqtOzAkaMThlG6OSCdvBPXVmKAFRq0OQvJU1d43Krc%2F60E%2FzmR83P4p%2Bs9UyGkoOGrDcUEo5kqPuNWI3L62A0z5cJV1alWJ1KE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
6ed99cd58bff9c0d-FRA
cf-bgj
minify
load.js
cdn.purpleads.io/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:37:09 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 10:12:20 GMT
server
AmazonS3
age
51016
etag
"46df8e234dd4307137411d6b4887edad"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
6702
x-amz-cf-id
mQElmrgj_KV88EDS9GBNacwKTsjfhqCztXCPzp3DRt5h3hcMlZH-Lg==
api.js
www.google.com/recaptcha/ 		850 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
32a97e6497cd6c3a611286892f51f127409221715c0cb3f2795f8c480bc76de4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Thu, 17 Mar 2022 23:47:15 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
269593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13102
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-332e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDNd2WIGhqw7JXT9MtZBPckq7RVh4ZFk6V1oYxTkwYQpbuz06frOSyFILIHWUebcfc4S0UjQpIy%2FomfItWjzvpTG0TbvOQscuB0f3UEPwNHIvdsqLlJwGbd9ZNHzIWARozB3VWsa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cd59a376993-FRA
expires
Tue, 07 Mar 2023 23:47:15 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1840802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6107
timing-allow-origin
*
last-modified
Thu, 02 Sep 2021 17:01:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61310375-17db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yyyuJF5j1teK6TOQl0sXnvUk7QEUA7kdK9zhfvet2BV4acTktJHZCTXA4C2fkIQDKWbk5wRBO0%2BK8D1rL15amJS5n%2B0WyN0C0rQ5v897KjwXwlZGrngjRQyYGId1LZRdf6jcOSG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cd59a386993-FRA
expires
Tue, 07 Mar 2023 23:47:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2436485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnxrMqtdrEzZC8MRHS%2FGBtNOy%2B7U7Bin5tZi437Lr5b9oDpwonK5i9iCCYqnhyoqMpdIqvfeyujkVvyDdY%2F%2Bt5Hlx9cVfN85wmsVd31NkQ6KuC1%2F5vYLiZRWsp5M6W1ACDg261bl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cd59a356993-FRA
expires
Tue, 07 Mar 2023 23:47:15 GMT
beacon.min.js
static.cloudflareinsights.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.156.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6ed99cd61b1069a3-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6149
date
Thu, 17 Mar 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 18 Mar 2022 00:04:46 GMT
s.js
nets4.com/cdn-cgi/zaraz/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0cmFja3MlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyR2RyZmlybSUyMGRvbWFpbiUyMHN0YXRpc3RpY3MlMjAtJTIwR2RyZmlybS5jb20lMjIlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRm5ldHM0LmNvbSUyRmRvbWFpbiUyRmdkcmZpcm0uY29tJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTdE
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81da1c2333ea18b9649d21dd0dbb2a09141d43d18ef3e2eea1157f3e56d6277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/gdrfirm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://nets4.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChgMcw0yE1C1RPsenXbRXjxnwC9PPeWrzWacGqNjNKNcMHax5WAxkgrKTmSAKaSnNOycRULvTNLPhlqbDXxyUBT9dbeNTzqjleQvejJJJa7LziZKMFnfsUjJO1g%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
600
access-control-allow-credentials
true
cf-ray
6ed99cd58c029c0d-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2739755
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-12bc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52aRaB%2FRaTSQeefGHJZbG7KtVK%2Bkv3iBDqp0v20RWEIWnnaNH3ZoeAN3LiIafVldYP6fdiT5BW36D%2BBNIqXFnhXKdE1D8Wy%2FbjlyHMgSHUhiX5w6aWjGHIcqCyepPIOprI8kv6xc"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cd58be5920d-FRA
expires
Tue, 07 Mar 2023 23:47:15 GMT
pica.js
nets4.com/cdn-cgi/challenge-platform/h/b/scripts/ 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1df2f41c62ee23a01cd0fc33c0394507d195df6f06231975348005abfa4c3df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/gdrfirm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KXt6An9Y%2B%2BdJXC55rMdyUDtZCqVe%2FPbGe0F596sv1Mi3AwXE8lILw%2Fy82Mmhlsjwj4RoFMhxrOSkxlIQo1vosdLe5nCFgCLJoKt296nDUmjOoP7lOknlcrb4Ws%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ed99cd61cc39c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
550j6zn5gn
www.clarity.ms/tag/ 		680 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/550j6zn5gn
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.90.65.22 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
002e130324d00aa25aa20fa2d9a881033632b0c754970089429de9fccf99ceb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
x-powered-by
ASP.NET
x-azure-ref
0g8gzYgAAAABwl+bqXEv5QJz2STgGApThRFVTMzBFREdFMDYxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=835144593&t=pageview&_s=1&dl=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&ul=en-us&de=UTF-8&dt=Gdrfirm%20domain%20statistics%20-%20Gdrfirm.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=898637708&gjid=1700534209&cid=1003258889.1647560836&tid=UA-123511935-10&_gid=1118825824.1647560836&_r=1&_slc=1&z=1509190851
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nets4.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
d.clarity.ms/s/0.6.32/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/s/0.6.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/550j6zn5gn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
content-encoding
br
etag
"1d8380e6acd1d90"
last-modified
Tue, 15 Mar 2022 01:45:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
6ed99cd07e429007
nets4.com/cdn-cgi/challenge-platform/h/b/cv/result/ 		2 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/b/cv/result/6ed99cd07e429007
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647558000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://nets4.com/domain/gdrfirm.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Mar 2022 23:47:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ed99cd8c8449c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdW8cRmNDHHnD9L9nt7Nxp5ke5OgIF1JKflGh4NEdUjv1P%2B9MyKlum6zucZ6Tp8AjKuShNMmaVqA6cnCALthtM9XTUM1aaggNcffPQzBT9PAXCGSAUbkp7XGdxI%3D"}],"group":"cf-nel","max_age":604800}
/
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1647560836105
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
f969c94c-f843-4e22-afb1-9b8e97f6af56
/
api.purpleads.io/x/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1647560836105
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
efc1d175cc0e9cd59e2c920419df165549a34e9e9bbd1eb5b9002567f05c8444

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
etag
W/"117e-kvh2fZEajd+7qe7jEprOmZ+n464"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
80e81e8c-20a6-4212-82cc-dbadeb3d45a5
agent.js
cdn.purpleads.io/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:36:56 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 09:36:51 GMT
server
AmazonS3
age
51021
etag
"6b17cf687f43a8f73178a58f89d7d60e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
10487
x-amz-cf-id
hRYMeHAFPMWB3kwvrYl9jwQRiCer5wmCuvdV6gsbzSmCRCpKSa3TRw==
sm.22.html
static.addtoany.com/menu/ Frame 88CD 		278 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.22.html
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-type
text/html; charset=utf-8
via
e3s
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified
Tue, 28 Sep 2021 21:02:23 GMT
etag
W/"116-5cd1487afaaea"
cache-control
max-age=315360000, immutable
vary
Accept-Encoding
cf-cache-status
HIT
age
1501680
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6ed99cd9fb309101-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
init
api.purpleads.io/x/ 		68 B
358 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1647560836148
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
etag
W/"44-Pm5SJt3t2KI5gMvsRd3GV+dxT2U"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
content-length
68
x-request-id
4d2e5ee3-1cc2-4093-997c-4602e4600685
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1647560836148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
656de350-bb61-4e97-87fc-e90e3fc80f20
marker-icon.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-icon.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1518030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1470
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-5ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WldfwdrQHnn95c1aTAyLEhmPK1KaLUZV9%2FUJJ2N61lKVxKLyzS%2FzbKZNHkyFZ5dx2UpbVnu3jG1WgibqfC8Dpdj%2Ftc4X%2FdkSSpl3HCdhwj0NOA7zU050TypjCJRSc7BO6yiTim7e"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cda1e396993-FRA
expires
Tue, 07 Mar 2023 23:47:16 GMT
2.png
a.tile.openstreetmap.org/3/1/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/1/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"cb5643e63f3bc4f3e5c38d2017293c13"
age
274001
x-cache
HIT
x-cache-hits
24
content-length
8528
x-served-by
cache-hhn4050-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647560836.218467,VS0,VE0
date
Thu, 17 Mar 2022 23:47:16 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=277523, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Fri, 18 Mar 2022 00:45:58 GMT
2.png
b.tile.openstreetmap.org/3/2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.tile.openstreetmap.org/3/2/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c7b1ee252c1accd2fea964a71de354de"
age
120782
x-cache
HIT
x-cache-hits
2
content-length
11092
x-served-by
cache-hhn4051-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647560836.218029,VS0,VE0
date
Thu, 17 Mar 2022 23:47:16 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=181862, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Fri, 11 Mar 2022 02:36:05 GMT
3.png
b.tile.openstreetmap.org/3/1/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.tile.openstreetmap.org/3/1/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"bc52a0f704ebee39a8cb5a58715363ce"
age
86776
x-cache
HIT
x-cache-hits
2
content-length
3910
x-served-by
cache-hhn4051-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647560836.218124,VS0,VE0
date
Thu, 17 Mar 2022 23:47:16 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=314314, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sun, 20 Mar 2022 14:59:34 GMT
3.png
c.tile.openstreetmap.org/3/2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/2/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"7c25652ac6639939d717ee7de6a8d342"
age
127359
x-cache
HIT
x-cache-hits
1797
content-length
5621
x-served-by
cache-hhn4029-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647560836.218426,VS0,VE0
date
Thu, 17 Mar 2022 23:47:16 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=42212, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Tue, 01 Mar 2022 13:29:14 GMT
2.png
c.tile.openstreetmap.org/3/0/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/0/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"a97b0ae3a1c931b59d9503c0fb773d21"
age
273423
x-cache
HIT
x-cache-hits
88
content-length
4699
x-served-by
cache-hhn4029-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647560836.218484,VS0,VE0
date
Thu, 17 Mar 2022 23:47:16 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=164739, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Wed, 09 Mar 2022 22:22:36 GMT
2.png
c.tile.openstreetmap.org/3/3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/3/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"9a69d3f3c4dff9f5588aaa850c1c6140"
age
252942
x-cache
HIT
x-cache-hits
2949
content-length
4828
x-served-by
cache-hhn4029-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647560836.218528,VS0,VE0
date
Thu, 17 Mar 2022 23:47:16 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=280368, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Fri, 18 Mar 2022 07:24:21 GMT
3.png
a.tile.openstreetmap.org/3/0/ 		249 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/0/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"07a14efdf923d78dad7320032b8d412c"
age
245780
x-cache
HIT
x-cache-hits
18
content-length
249
x-served-by
cache-hhn4050-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647560836.218617,VS0,VE0
date
Thu, 17 Mar 2022 23:47:16 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=168048, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Thu, 10 Mar 2022 02:25:44 GMT
3.png
a.tile.openstreetmap.org/3/3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/3/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c947e22ac6e5f0475ad3445622a32d51"
age
87739
x-cache
HIT
x-cache-hits
1616
content-length
4834
x-served-by
cache-hhn4050-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647560836.218659,VS0,VE0
date
Thu, 17 Mar 2022 23:47:16 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=314802, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sun, 20 Mar 2022 14:51:39 GMT
marker-shadow.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 		618 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-shadow.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1382086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
622
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-26a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DUih0DaVI7ysEMdM3eMQO6SbfQ0i9jJTw63qvMekHJkfeb4bAQPUlwU0Vueioht36kcKjc3FGtRT5SCqRB5xtbYNUKkkGD49dhzbcFFaB0z5Fuv6l7HqdczSk4BucoYd9GkFoxT"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ed99cda3e516993-FRA
expires
Tue, 07 Mar 2023 23:47:16 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=E9979E27FF2C4F5BA843D6B33BF46C62&RedC=c.clarity.ms&MXFR=1671A1470D816A491742B02D09816438
  • https://c.clarity.ms/c.gif?CtsSyncId=E9979E27FF2C4F5BA843D6B33BF46C62&MUID=065D1B68752962CF0DAF0A0274426355
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=E9979E27FF2C4F5BA843D6B33BF46C62&MUID=065D1B68752962CF0DAF0A0274426355
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:16 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 709412898A9C4CC4BB1A331CE3DA9770 Ref B: FRAEDGE1410 Ref C: 2022-03-17T23:47:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=E9979E27FF2C4F5BA843D6B33BF46C62&MUID=065D1B68752962CF0DAF0A0274426355
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
icons.29.svg.js
static.addtoany.com/menu/svg/ 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.71.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
4465110
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
6ed99cda58759060-FRA
cf-bgj
minify
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ 		360 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 21:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 21:24:36 GMT
collect
d.clarity.ms/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Thu, 17 Mar 2022 23:47:15 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.47.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
6ed99cdaaaf89265-FRA
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.47.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6ed99cdabb2d9265-FRA
vary
Origin
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=2003b858-7376-4e56-a183-29be529d1a98&ts=1647560836366
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
9fb8a6b8-e23c-471f-97a5-e9ea0a592fc0
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=78e8d9db-1b46-409e-a6d9-d3b797231c17&ts=1647560836367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
b29ebae5-6594-428f-861f-799645e586af
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=d2c284e1-2a53-4b2d-8338-a30e7e37c182&ts=1647560836367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
7db7ba88-fc2e-4cf7-99f6-ed902bcbe4f0
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=30cc30c9-d9cb-4774-a40c-196c4ed54b65&ts=1647560836368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
3ef973d7-ae6b-45ac-acdc-c1978695d16e
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=75aaa10c-5080-4be7-968b-12765b3a7c3d&ts=1647560836368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
f0d81942-5f58-4114-bad6-97ae03e38e58
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=2003b858-7376-4e56-a183-29be529d1a98&ts=1647560836366
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
2af494599a7add04b0a028eda1b1638bc100ab53c37722b5d543b804d3dc6af0

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
etag
W/"2295-wXOtzE1jAGtLTlrrFj8zeA7EgyI"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
17f84c32-aaa1-4f9c-9b0f-8619f64ed80e
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=78e8d9db-1b46-409e-a6d9-d3b797231c17&ts=1647560836367
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
fa1b008b1dd2d79071ba901605ab896b6c2ff94364fa1a63da08f2ac6ce78c76

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
etag
W/"232d-vXvgwomwpqmQYGxMeOyg+ssaBq0"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
8a4055a3-1e71-489d-8a70-039e10d63e77
/
api.purpleads.io/x/b/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=d2c284e1-2a53-4b2d-8338-a30e7e37c182&ts=1647560836367
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
69f6a4be31408bc6704d769c75693ab42eaa1922546e3f1f07d6971efdecc474

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
etag
W/"52ed-RSFQ6u53JErjJjECCQyCJeTQXsU"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
78814c16-df2f-4fdc-ae5e-26a491254c04
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=30cc30c9-d9cb-4774-a40c-196c4ed54b65&ts=1647560836368
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
6c7a62e2c53ecd978b0e1f540942745faf2e11ec92b18780fe8c2f30ac0d7c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
etag
W/"2295-vZkycxjNGRCm5dJlo9zW9NfaFKo"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
fc99cb55-7dbd-47d0-8ab3-303c2b33085b
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=ba60b2a55c6c4b50862d426c4a919082&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=75aaa10c-5080-4be7-968b-12765b3a7c3d&ts=1647560836368
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
657cfd7f13fedd954dd516332ed9b81549bb199e080146111811e2ca7ee2d566

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
etag
W/"2284-VziLXO64CWI2k/4OgYEpsCr27+0"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
14540ce4-8c2a-47b6-b388-2cfd7c663b92
anchor
www.google.com/recaptcha/api2/ Frame 4772 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=61g14b41i3v0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
8df2471e70ec25df07eec963b45c31d8da788e8695af2ef2ec9c6208d518c1c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x7LB0hyuIZV0nIvMFzabDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 17 Mar 2022 23:47:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-x7LB0hyuIZV0nIvMFzabDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22543
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 4772 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=61g14b41i3v0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 16:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 16:09:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 4772 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=61g14b41i3v0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 21:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 21:24:36 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 4772 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=61g14b41i3v0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=61g14b41i3v0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 17 Mar 2022 23:47:16 GMT
bframe
www.google.com/recaptcha/api2/ Frame FCB7 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
8b307a25384952e1557d5a2c4cc136a70fac0115abfb74977aa1c166d3098b56
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NatpwOu6bupovi6CKqUCrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 17 Mar 2022 23:47:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-NatpwOu6bupovi6CKqUCrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1111
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B05D 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1161 / 420 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Mar 2022 23:47:16 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame FCB7 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 16:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 16:09:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame FCB7 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 21:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 21:24:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A564 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1161 / 331 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Mar 2022 23:47:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 510D 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
be5ea5d0875e91d34fe8909fb7fa4462cc65a081d0af724a7f37dc8a11b6506e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1161 / 850 of 1000 / last-modified: 1647554768"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Mar 2022 23:47:16 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame B05D 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 20:03:30 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EB53 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1161 / 604 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Mar 2022 23:47:16 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame 510D 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 21:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 21:53:28 GMT
integrator.js
adservice.google.de/adsid/ Frame B05D 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B05D 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B05D 		52 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4370410053760033&correlator=2023871980521844&eid=31063377%2C31064150%2C31061690%2C31063246&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220317&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647560836931&dlt=1647560836743&idt=164&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=3872&oid=2&ucis=bl9f5gie616x&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1003258889.1647560836&ga_sid=1647560837&ga_hid=1760348486&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f7a33be62eabe69ec7d77aa91e512c1ef89ebc7c81db2aedb7ab6c9b64f8f58c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12016
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B05D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
736178c7c449ff13e47d41342c7fc7374da9a7dc6f5c744b8cd9ef67ec4bd7a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10512
x-xss-protection
0
container.html
15d2721b4356df5d408ddc6afff95263.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3FCC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://15d2721b4356df5d408ddc6afff95263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 17 Mar 2022 23:47:16 GMT
expires
Fri, 17 Mar 2023 23:47:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame A564 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 20:03:30 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame EB53 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 20:03:30 GMT
integrator.js
adservice.google.de/adsid/ Frame 510D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 510D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 510D 		30 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2395145190883052&correlator=2078355446420423&eid=31065486%2C31065672%2C31065654&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=1944610241&sfv=1-0-38&ecs=20220317&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647560836985&dlt=1647560836829&idt=135&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=1350&oid=2&ucis=xf0u5fi0sl4o&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1003258889.1647560836&ga_sid=1647560837&ga_hid=1774864477&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5e46c9a24b258179a1e2657d5257afe29044965606d2deb0e6d5435fac23c804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10363
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 510D 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
69c052d48c498c3fb25533d8e3d16e8852b0959d705eb6219e6174ac12f665f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10669
x-xss-protection
0
container.html
1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E264 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 17 Mar 2022 23:47:17 GMT
expires
Fri, 17 Mar 2023 23:47:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B05D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 23:47:17 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzg5MWI1MzA3M2Q2OGUyO...
s-img.mgid.com/g/11533297/492x277/-/ Frame 77D2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533297/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzg5MWI1MzA3M2Q2OGUyODAzMGY1M2FhMjViNzhhOTEuanBlZw.webp?v=1647560836-gKJyjsJo9Lpg4IW4n_YaqmZecteQ-hV__VfWoCOGnGY
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a747c61c2762926db3f5fb6b9018e2da640cad4f7bbb89aab50ec1632c9aeb78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:55 GMT
x-mg-request-uuid
ca44655a-28f0-462a-a0ad-792ffe3ae3d6
age
4445733
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ed99cdf8fd9927d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11970
server
cloudflare
i
api.purpleads.io/x/a/a435bf646a132064a2f0a49a55295484:ddc59cd7f1ab1f3b4a76d356fe9768afc4cc4ca55b5af63f9b8306c2615ca5b0226aa46c64bbb9a32b6e9a73a6d1795517e9d856ba07099886a4198223ea51e406f49b5b52020b6... Frame 77D2 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/a435bf646a132064a2f0a49a55295484:ddc59cd7f1ab1f3b4a76d356fe9768afc4cc4ca55b5af63f9b8306c2615ca5b0226aa46c64bbb9a32b6e9a73a6d1795517e9d856ba07099886a4198223ea51e406f49b5b52020b6a466b79db3a9930524623dc746a4b1870f67284016097955913b5249ca80e8219fa292ea856475922c8f26b7c0c31570b2def74e951408356ec4566023b6497f2f85bb8b69590e781/i?id=78814c16-df2f-4fdc-ae5e-26a491254c04
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
1b6ba8da-fd67-40aa-805d-0963401a7b8e
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvMTAxOTI0Lzc4OTFiNTMwNzNkNjhlMjgwM...
s-img.mgid.com/g/11533297/328x328/-/ Frame 77D2
Redirect Chain
  • https://c.mgid.com/c?pv=2&v=0|0|0|5a-ANozBrvcw5IAqK6IFO4K9lHMIAFZuH-8rwRLxfh0uad16u1yDnBYxLOCzUKBY&cid=1221081&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=93cd9879-a64c-11ec-9ac2-e4434b...
  • https://s-img.mgid.com/g/11533297/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90L...
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533297/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvMTAxOTI0Lzc4OTFiNTMwNzNkNjhlMjgwMzBmNTNhYTI1Yjc4YTkxLmpwZWc.webp?v=1647560836-1G7YwwTJ3WIvWP8QWtqVRPlgwzPIdXEyORELPfvX4qU
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
855e67867dbe5c7aa77b3dcfd6f514853103c73a3d7c5e407456581d2a15fc0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:26:44 GMT
x-mg-request-uuid
a658a490-cb5b-40f4-9e5a-efcab377ab84
age
4462940
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ed99ce06fe49076-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10214
server
cloudflare

Redirect headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:17 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
dc3bd0f9-6f00-4714-b635-258f3f88bece
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://s-img.mgid.com/g/11533297/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvMTAxOTI0Lzc4OTFiNTMwNzNkNjhlMjgwMzBmNTNhYTI1Yjc4YTkxLmpwZWc.webp?v=1647560836-1G7YwwTJ3WIvWP8QWtqVRPlgwzPIdXEyORELPfvX4qU
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ed99cdf8c06920b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
integrator.js
adservice.google.de/adsid/ Frame A564 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A564 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A564 		48 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2200086145419923&correlator=4501954619070756&eid=31065654&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220317&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647560837039&dlt=1647560836817&idt=216&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=507&oid=2&ucis=8tjqgfa9uchh&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1003258889.1647560836&ga_sid=1647560837&ga_hid=773611784&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
130ef9dad6ccde3945db1284bfb0917dc4123904a50b1d29f662ff366ff42c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12134
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A564 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e25d424553c86f8d4f17b9d8392b5913fb65b858197ea5c30508c3a3acb5d394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10561
x-xss-protection
0
container.html
6578c7cbbd643ec253570b8b21f7c149.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7931 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6578c7cbbd643ec253570b8b21f7c149.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 17 Mar 2022 23:47:17 GMT
expires
Fri, 17 Mar 2023 23:47:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame EB53 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3b5565f9af82a9dcef28e4039f26a672bcb37c9b46432ee8f79901d520156f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1679
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23520
x-xss-protection
0
server
cafe
etag
15582504670963740417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Mar 2022 00:19:18 GMT
integrator.js
adservice.google.de/adsid/ Frame EB53 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EB53 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EB53 		56 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2715648415418653&correlator=1678502371866874&eid=31064150%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=113378651&sfv=1-0-38&ecs=20220317&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647560837056&dlt=1647560836856&idt=192&biw=1600&bih=1200&isw=160&ish=600&adxs=1148&adys=1298&oid=2&ucis=ihfl3goa7p2h&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&top=nets4.com&rumc=2715648415418653&rume=1&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1003258889.1647560836&ga_sid=1647560837&ga_hid=136369391&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e56cacd4127c6cc1b7b3cec4f7c4dc2f00c7516ab134b891d5869a7b8f8e3c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13128
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EB53 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
14b9f60776b750d6e9c56a249664e6ade986ce02e511da63f9df52cceccd6e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10628
x-xss-protection
0
container.html
68e54b47a04210e958fb01baedc40a87.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD52 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://68e54b47a04210e958fb01baedc40a87.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 17 Mar 2022 23:47:17 GMT
expires
Fri, 17 Mar 2023 23:47:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 510D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 23:47:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A564 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 23:47:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 066F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 22:21:06 GMT
expires
Fri, 17 Mar 2023 22:21:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
5171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5F5C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
fcbcd40c79f2c9aa3fb843277da99901250576e1f0f62d656ff15bb37ddeefec
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nEsRHSYE/HEvBKJvm9RVQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 17 Mar 2022 23:47:17 GMT
date
Thu, 17 Mar 2022 23:47:17 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-nEsRHSYE/HEvBKJvm9RVQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB53 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=nets4.com&doc=complete&pg_h=603&pg_w=161&pg_hs=603&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EB53 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 23:47:17 GMT
csi
csi.gstatic.com/ Frame EB53 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l0vn6lzu&c=2715648415418653&e=31064150%2C31061691%2C31061692&ctx=1&met.9=1.2u~2.5c~9.0~3_1.5n~7_1.0&met.10=1_1.INQBEAAIABiAmHUoAA&met.1=1.l0vn6ltk~14.5~15.0~16.5~17.5~18.5~19.5~20.5~21.5~22.j~23.j&met.3=113.6b_1~112.6a_2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg12s38-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
pagead2.googlesyndication.com/bg/ Frame 066F 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:42:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
11069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 20:42:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F5C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=4370410053760033&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01F6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 22:21:06 GMT
expires
Fri, 17 Mar 2023 22:21:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
5171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 71D7 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
df50938ddefef776a122e59861ac743a707c6731b18a6596df3f231b689cde45
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y9cinGY3M87tSCaYu4z3gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 17 Mar 2022 23:47:17 GMT
date
Thu, 17 Mar 2022 23:47:17 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Y9cinGY3M87tSCaYu4z3gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5F2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:47:17 GMT
expires
Fri, 17 Mar 2023 23:47:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/5521fc5d14925270a9abf10bddbd55ea:3ea21308d9659f6530eb127bcb0e3a2a50de5dfad91652bdf87b2f6927fb76bcf192b60256bdcf94ba3f2f9407e80db1d0c28e6a2a682544c80e4d2789837b023ab7b7c7d05dddb... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/5521fc5d14925270a9abf10bddbd55ea:3ea21308d9659f6530eb127bcb0e3a2a50de5dfad91652bdf87b2f6927fb76bcf192b60256bdcf94ba3f2f9407e80db1d0c28e6a2a682544c80e4d2789837b023ab7b7c7d05dddba1298d6a752f36bc74de249af08495f23500f4248e17897b81f1a96abebe10e274fe38bc1ec07351fcfdb768c7d73752f322eaaad491ff4f55bfbbde14dc8ad4a52748955849012ec3e2b2c8d7958a18cf29830846d925505/i?id=8a4055a3-1e71-489d-8a70-039e10d63e77&ts=1647560837156
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
60460413-7631-44eb-9ff7-dfe174ccf731
i
api.purpleads.io/x/a/5521fc5d14925270a9abf10bddbd55ea:3ea21308d9659f6530eb127bcb0e3a2a50de5dfad91652bdf87b2f6927fb76bcf192b60256bdcf94ba3f2f9407e80db1d0c28e6a2a682544c80e4d2789837b023ab7b7c7d05dddb... 		0
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/5521fc5d14925270a9abf10bddbd55ea:3ea21308d9659f6530eb127bcb0e3a2a50de5dfad91652bdf87b2f6927fb76bcf192b60256bdcf94ba3f2f9407e80db1d0c28e6a2a682544c80e4d2789837b023ab7b7c7d05dddba1298d6a752f36bc74de249af08495f23500f4248e17897b81f1a96abebe10e274fe38bc1ec07351fcfdb768c7d73752f322eaaad491ff4f55bfbbde14dc8ad4a52748955849012ec3e2b2c8d7958a18cf29830846d925505/i?id=8a4055a3-1e71-489d-8a70-039e10d63e77&ts=1647560837156
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
f3294fdb-85fb-4f4d-b943-2355775ab231
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 24FD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 22:21:06 GMT
expires
Fri, 17 Mar 2023 22:21:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
5171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5326 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
ca9d8502359d5141e4b26d68d65092f1f974f057cc4f194f1dc1ddaf507bb475
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PIktU34+dC/4WubtxpKToQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 17 Mar 2022 23:47:17 GMT
date
Thu, 17 Mar 2022 23:47:17 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-PIktU34+dC/4WubtxpKToQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73AC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 22:21:06 GMT
expires
Fri, 17 Mar 2023 22:21:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
5171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F700 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
d023be4abb6819a1ea6b454234480dc80a563e7757a0e4c69b8ee2130cb982a2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uKphxBk2oqUF1kboWTjz5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 17 Mar 2022 23:47:17 GMT
date
Thu, 17 Mar 2022 23:47:17 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-uKphxBk2oqUF1kboWTjz5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032203150226000/ Frame 0AC7 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
68764844bd09e53056e82e9914dcec3d70f299560eeef679e2ce78b8e43230f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62074
x-xss-protection
0
server
sffe
date
Tue, 15 Mar 2022 21:23:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"485b59e91ebd1f0a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Mar 2023 21:23:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032203150226000/v0/ Frame 0AC7 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Tue, 15 Mar 2022 21:23:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Mar 2023 21:23:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032203150226000/v0/ Frame 0AC7 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Tue, 15 Mar 2022 21:23:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Mar 2023 21:23:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032203150226000/v0/ Frame 0AC7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Tue, 15 Mar 2022 21:23:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Mar 2023 21:23:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032203150226000/v0/ Frame 0AC7 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Tue, 15 Mar 2022 21:23:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Mar 2023 21:23:22 GMT
css
fonts.googleapis.com/ Frame 0AC7 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 23:37:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 23:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 23:47:17 GMT
i
api.purpleads.io/x/a/28ea7a5174940c932ef0d938815efb1e:9326ffea74ea0f0528eab984261472df8fc9dabb41c36eaba0d775a018bf7a0eb949725611bcc0a7b0f6e83ffdb50a19f585c75ef02ca033de348076c55341abe777722e1c59d39... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/28ea7a5174940c932ef0d938815efb1e:9326ffea74ea0f0528eab984261472df8fc9dabb41c36eaba0d775a018bf7a0eb949725611bcc0a7b0f6e83ffdb50a19f585c75ef02ca033de348076c55341abe777722e1c59d39cfd1efd6f6c6b366675f4fd21efe4593f030287bbea96d218cd2b416944682f9fa21090d7564a5b84da0fc2347aa6a682d57ac2167c0f6d0eb5dc58229247d10e5246c7d76f2c1ac1/i?id=fc99cb55-7dbd-47d0-8ab3-303c2b33085b&ts=1647560837274
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
e5cbb103-e1d6-452e-b6ca-7407d9328bab
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0AC7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
50739
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0AC7 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
50052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 0AC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0-QMHFXG_13yuUUAHMwdk96rEndT9rHN0yuNH7hMaQ_kmEBkmL6IYA5VgkVuR_w6a5z5Y
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 0AC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWIsFhMgzYrqeO7eH7_UPge688AbI7oriaOSg3cqEEKb11pbPLxABILnb8yZglYKAgJgHoAH5rMq6AcgBCakCx4U_ZSefsj7gAgCoAwHIAwqqBPYBT9BXGSynZKiQJiK_keu3MI224smWKvvAe-H24VQWMd4GgWcj-aHquV7vp6lH-xxkvx3kCe-XbGGAOaGxesV6670a5uQNMo1TyyjvAw6GVhOAqoKwP8sJr_AtrEle5RbYMb2DnU8cm0CyNRu4-SFVs_O8QIzjyxxK0qQrOLy03mhyWjm5TZmFCZt1aSkXWu7EF2fOgsW0FbLn5qT69mq8zbMFwTRdlwpT5Stm-csVLFjJRUK9ChPBrPSEaFJGIyIOyvmleTIj5H3kAoDp8nX-QmBC_u3bZ0148kyfEpPtR7qdDikXsDNoS1LSe2nOdFpB_uNGMcx0wATy-azT8QPgBAGSBQQIBBgBkgUECAUYBKAGLoAH79K1xQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDY4gLSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgPICwHYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItNDkwMzQ1Mzk3NDc0NTUzMBiLuXc&sigh=5ylrAlVlpdc&uach_m=[UACH]&cid=CAQSLQCNIrLMg1giwdK8NY5SSnc59F5i5eou2jbLZROg19byYFOPYQNRSQ0jtJWE8BgB&template_id=484
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
i
api.purpleads.io/x/a/28ea7a5174940c932ef0d938815efb1e:9326ffea74ea0f0528eab984261472df8fc9dabb41c36eaba0d775a018bf7a0eb949725611bcc0a7b0f6e83ffdb50a19f585c75ef02ca033de348076c55341abe777722e1c59d39... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/28ea7a5174940c932ef0d938815efb1e:9326ffea74ea0f0528eab984261472df8fc9dabb41c36eaba0d775a018bf7a0eb949725611bcc0a7b0f6e83ffdb50a19f585c75ef02ca033de348076c55341abe777722e1c59d39cfd1efd6f6c6b366675f4fd21efe4593f030287bbea96d218cd2b416944682f9fa21090d7564a5b84da0fc2347aa6a682d57ac2167c0f6d0eb5dc58229247d10e5246c7d76f2c1ac1/i?id=fc99cb55-7dbd-47d0-8ab3-303c2b33085b&ts=1647560837274
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
c9ff8a4f-0d6a-4250-8984-e334d704afbd
adview
securepubads.g.doubleclick.net/pagead/ Frame BB0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChcDZhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwAJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj1vZA09YtxgDsWzHk57paQTPgu3CGcP5M78dKUpZbdFcdr9YBsdguAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTQxMzMyOTU0NDA0MDk0NxjBjHQ&sigh=DiFcqiKhxDU&uach_m=[UACH]&cid=CAQSLgCNIrLMT50C00XANVbiVpjALbqil-6_cSdcVOMnKARd8HgQil8eUOJsgltX8q4YAQ
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame BB0C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=38516437;rtbwp=YjPIhQAAVbEH_ZYKAAhSOysg_DA06Xuf1YxNJQ;rtbdata=jMNqeDmYZHgIk9qdCCgtc9qvyE9AGVDLhDPwpeeSDH60KFzw_Ga9MgL3A9aIACnCkzVso3BR7Lo2kfoM_TuyM2JKPWuLIq4KTwRQbOu329qag0nNn_TStNUtcbwk_EEt1ze_K0M1yVMAlSmKr0WpCxzqDCQv8EFw3xnkH6EPWp0LH1JAjXHfvHLKO70OaRj3qX_8TG3jcqB_ppLmovDQxTBiUvPiwFaXzzfDXRik1uTyzrZ0YIaR6wvpS6diP-Uea0PWi1yik87JmznXDEs5eLSHwVdZtoIoJHDuC3BYyXOQ__shu12iERMmgpn_XCjFQeEimShqzcc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CiGmUhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwwJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj0tZiyv_2DfM0gMBOKpsAzpPh-9pW0h_HZGvrCBlRpbXcJi-bwgD2u1ZuAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2q5YmPfFCKpCmp61BVuKha454Fgg&client=ca-pub-5413329544040947&adurl=
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
59d49b7aa8f1df8a56b7d4620ae2f1a9c5d8341c2f63d0fa8b09c33b74f3a0a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1829
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame BB0C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 23:39:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB0C 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 23:47:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame BB0C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 23:38:40 GMT
l
www.google.com/ads/measurement/ Frame BB0C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1vra0d0aehtj2Gyi9azJGT7SuKbC0DiRW9E761_eythtTv-cNQDdMI8e0_dkCT4OLFfgO
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BB0C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 07:28:28 GMT
collect
d.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
sodar
pagead2.googlesyndication.com/pagead/ Frame 71D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=2395145190883052&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
pagead2.googlesyndication.com/bg/ Frame 01F6 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:42:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
11069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 20:42:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5326 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=2200086145419923&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F700 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=2715648415418653&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202142035000/ Frame FA0B 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61563
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"74cdf3878bfbef53"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame FA0B 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5733
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42a91727bcc93df1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame FA0B 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29577
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42f1ed997a28c2a2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame FA0B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1873
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8e63b195883091b5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame FA0B 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13633
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c67c66f710e82a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
css
fonts.googleapis.com/ Frame FA0B 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 22:04:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 23:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 23:47:17 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA0B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
50739
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA0B 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
50052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:53:05 GMT
i
api.purpleads.io/x/a/cb87d51c659e20df6bcecaa663efc5e5:32320b82ed2eddea06e9d795bf89a22f13d22d05bf7a538ab24f3e388a8cde1edea40e14148f88ae075d919b8f7fddda76df3c741c6eb6994643483a49be5986155dbeac9703441... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/cb87d51c659e20df6bcecaa663efc5e5:32320b82ed2eddea06e9d795bf89a22f13d22d05bf7a538ab24f3e388a8cde1edea40e14148f88ae075d919b8f7fddda76df3c741c6eb6994643483a49be5986155dbeac970344119df7d426ee5c037261e8f39df382129a00326aa3a8b030d575fd6a872996c6c873becb637b147a3db0efe99aa8562e30fd1a3edba830d5851ba1fa17d4170269adf04999a0df44c4/i?id=14540ce4-8c2a-47b6-b388-2cfd7c663b92&ts=1647560837355
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
6320d056-32c4-40aa-82d0-d8f16c84cc23
l
www.google.com/ads/measurement/ Frame FA0B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKM5hePt6H9R052hV5BUaECVJP_E0U7tLGpdy_bEJbsdFP3lYHLFjCTwP_UtxEp-GqNTgOVWBwCSdLJFnsNORxXmdVGA
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame FA0B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJ55thcgzYv_gBc-T7_UPrfKjmA2fqK-MaaDgiMfyD5PZldSqCRABILnb8yZglYKAgJgHoAHyypy4A8gBCakCx4U_ZSefsj7gAgCoAwHIAwqqBOIBT9BSiivBruqx5pAEnDBytZIH6byw4EBpCvNh7vaF_wWIhneHmdsJ0PI6mndNkW-hrbPvDT4pV5j_E8DIadpThrA7D_oKM7mi_YnkECxjUTLVGR1FP-3z16BuKbDHwSJqHsoBzH7YQrE76vQJrN9_vVo877IavTk24rnrw21W4AzTDKj1_ZR5inIvsx07eCQR2apnoinipkGcytHFyva_nuqyIJTAJSw1Su0EFy6tUacLo3lVuB0frYkVMIYATdTcBp2CY4FOfcqhKjasGxc_GpqP9wKRtXOiaCioXcG3ApiuFcAE04WQgfMD4AQBoAYugAf2tONHqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQlaUE0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDyAsBuBOIJ9gTA4gUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi00OTAzNDUzOTc0NzQ1NTMwGIu5dw&sigh=BfOn9DRXhuw&uach_m=[UACH]&template_id=5000
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
i
api.purpleads.io/x/a/cb87d51c659e20df6bcecaa663efc5e5:32320b82ed2eddea06e9d795bf89a22f13d22d05bf7a538ab24f3e388a8cde1edea40e14148f88ae075d919b8f7fddda76df3c741c6eb6994643483a49be5986155dbeac9703441... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/cb87d51c659e20df6bcecaa663efc5e5:32320b82ed2eddea06e9d795bf89a22f13d22d05bf7a538ab24f3e388a8cde1edea40e14148f88ae075d919b8f7fddda76df3c741c6eb6994643483a49be5986155dbeac970344119df7d426ee5c037261e8f39df382129a00326aa3a8b030d575fd6a872996c6c873becb637b147a3db0efe99aa8562e30fd1a3edba830d5851ba1fa17d4170269adf04999a0df44c4/i?id=14540ce4-8c2a-47b6-b388-2cfd7c663b92&ts=1647560837355
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
7f74646c-06c4-462a-8e85-2d19459bd452
downsize_200k_v1
tpc.googlesyndication.com/simgad/8981671011151806953/ Frame 0AC7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8981671011151806953/downsize_200k_v1?w=400&h=209
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
529a91132e134f7c9c20383bbc6a32621e827289d3f4d6797b42968fa0ba6db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 16:31:28 GMT
x-content-type-options
nosniff
age
285349
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11384
x-xss-protection
0
last-modified
Wed, 26 May 2021 05:03:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 14 Mar 2023 16:31:28 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7717981031005371476/ Frame 0AC7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7717981031005371476/downsize_200k_v1?w=100&h=100
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
e9dce55c3680655b291f228f6920d2d475a83f0d33dcd875e8ea0f641b37e935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 03:09:50 GMT
x-content-type-options
nosniff
age
247047
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1777
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 05:06:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 15 Mar 2023 03:09:50 GMT
truncated
/ Frame 0AC7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62321eb5358cbf8b66eba26b56144c3eec1262ea6923d3e28b8ced86da0bcdb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0AC7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 11:22:37 GMT
x-content-type-options
nosniff
age
131080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 11:22:37 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0AC7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 20:07:55 GMT
x-content-type-options
nosniff
age
185962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0AC7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
190048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 18:59:49 GMT
w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
pagead2.googlesyndication.com/bg/ Frame 24FD 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:42:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
11069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 20:42:48 GMT
w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
pagead2.googlesyndication.com/bg/ Frame 73AC 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:42:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
11069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 20:42:48 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame BB0C 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38516437;rtbwp=YjPIhQAAVbEH_ZYKAAhSOysg_DA06Xuf1YxNJQ;rtbdata=jMNqeDmYZHgIk9qdCCgtc9qvyE9AGVDLhDPwpeeSDH60KFzw_Ga9MgL3A9aIACnCkzVso3BR7Lo2kfoM_TuyM2JKPWuLIq4KTwRQbOu329qag0nNn_TStNUtcbwk_EEt1ze_K0M1yVMAlSmKr0WpCxzqDCQv8EFw3xnkH6EPWp0LH1JAjXHfvHLKO70OaRj3qX_8TG3jcqB_ppLmovDQxTBiUvPiwFaXzzfDXRik1uTyzrZ0YIaR6wvpS6diP-Uea0PWi1yik87JmznXDEs5eLSHwVdZtoIoJHDuC3BYyXOQ__shu12iERMmgpn_XCjFQeEimShqzcc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CiGmUhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwwJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj0tZiyv_2DfM0gMBOKpsAzpPh-9pW0h_HZGvrCBlRpbXcJi-bwgD2u1ZuAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2q5YmPfFCKpCmp61BVuKha454Fgg&client=ca-pub-5413329544040947&adurl=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 15:16:56 GMT
Server
nginx
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=53461
Connection
keep-alive
Content-Length
16076
Expires
Fri, 18 Mar 2022 14:38:18 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202142035000/ Frame 20F7 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61563
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"74cdf3878bfbef53"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 20F7 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5733
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42a91727bcc93df1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 20F7 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29577
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42f1ed997a28c2a2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 20F7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1873
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8e63b195883091b5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 20F7 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13633
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c67c66f710e82a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
css
fonts.googleapis.com/ Frame 20F7 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 22:39:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 23:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 23:47:17 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20F7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
50739
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 20F7 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
50052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 20F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRu3WizAXd3woXQBfseHZYUYh4EhuYH3Zwr2YpsL4ZTcpzJExoYfasJ39W4sMrRijJMIdxAa3U4DHOgfMdLF6I3uw_eKQ
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
i
api.purpleads.io/x/a/7da2c4e1df5fab41badd6cc970df4455:e05b94549f572f7ecd6ea21f682f9c91f67cfc0648103a7a96611080317f3a540796e3d75cc6d6a7112bff5050e5ee650b9dd12cfe978deccda645d6842f16244d997d4ac57d2fa... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/7da2c4e1df5fab41badd6cc970df4455:e05b94549f572f7ecd6ea21f682f9c91f67cfc0648103a7a96611080317f3a540796e3d75cc6d6a7112bff5050e5ee650b9dd12cfe978deccda645d6842f16244d997d4ac57d2fa1127e5d7170158f5f14dfe2648525217f3354bb28904a183a5ce491ea492832db0cf3c19c9206de666ef12f2e4f0316db9429a30a559c63bdcbdac9358d87def8ba7a548656a034f1/i?id=17f84c32-aaa1-4f9c-9b0f-8619f64ed80e&ts=1647560837433
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
6a8be458-8d4a-4dc5-bccb-4c2cec320b79
i
api.purpleads.io/x/a/7da2c4e1df5fab41badd6cc970df4455:e05b94549f572f7ecd6ea21f682f9c91f67cfc0648103a7a96611080317f3a540796e3d75cc6d6a7112bff5050e5ee650b9dd12cfe978deccda645d6842f16244d997d4ac57d2fa... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/7da2c4e1df5fab41badd6cc970df4455:e05b94549f572f7ecd6ea21f682f9c91f67cfc0648103a7a96611080317f3a540796e3d75cc6d6a7112bff5050e5ee650b9dd12cfe978deccda645d6842f16244d997d4ac57d2fa1127e5d7170158f5f14dfe2648525217f3354bb28904a183a5ce491ea492832db0cf3c19c9206de666ef12f2e4f0316db9429a30a559c63bdcbdac9358d87def8ba7a548656a034f1/i?id=17f84c32-aaa1-4f9c-9b0f-8619f64ed80e&ts=1647560837433
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
c500dca1-79d8-4b45-ab81-8bf38ab5ab77
generate_204
tpc.googlesyndication.com/ Frame 066F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Hdqc_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0AC7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
50739
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0AC7 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
50052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:53:05 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1301329936670063946/ Frame FA0B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1301329936670063946/downsize_200k_v1?w=400&h=209
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
36b76d1541f43059fdcf991474b553ea86fdc4dd43c0a5b4f66467b4707319ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 17:00:28 GMT
x-content-type-options
nosniff
age
24409
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10718
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 09:49:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 17:00:28 GMT
truncated
/ Frame FA0B 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FA0B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FA0B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19c2d633b058bc1c770012984372e99f9d7e4c6c8186f05187a53fbf278f0104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame FA0B 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
176380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 22:47:37 GMT
truncated
/ Frame 20F7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec0f7b818a546afa5cf7b53e72770a9a0c92cde352f2c2c9a9b7dc5026e05705

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 20F7 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
176380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 22:47:37 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA0B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
50739
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA0B 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
50052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:53:05 GMT
/
track.adform.net/adfserve/ Frame BB0C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=38516437;rtbwp=YjPIhQAAVbEH_ZYKAAhSOysg_DA06Xuf1YxNJQ;rtbdata=jMNqeDmYZHgIk9qdCCgtc9qvyE9AGVDLhDPwpeeSDH60KFzw_Ga9MgL3A9aIACnCkzVso3BR7Lo2kfoM_TuyM2JKPWuLIq4KTwRQbOu329qag0nNn_TStNUtcbwk_EEt1ze_K0M1yVMAlSmKr0WpCxzqDCQv8EFw3xnkH6EPWp0LH1JAjXHfvHLKO70OaRj3qX_8TG3jcqB_ppLmovDQxTBiUvPiwFaXzzfDXRik1uTyzrZ0YIaR6wvpS6diP-Uea0PWi1yik87JmznXDEs5eLSHwVdZtoIoJHDuC3BYyXOQ__shu12iERMmgpn_XCjFQeEimShqzcc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CiGmUhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwwJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj0tZiyv_2DfM0gMBOKpsAzpPh-9pW0h_HZGvrCBlRpbXcJi-bwgD2u1ZuAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_2q5YmPfFCKpCmp61BVuKha454Fgg&client=ca-pub-5413329544040947&adurl=;js=1;adfxid=1x;2168;set=en-US|en-US|1600X1200|0|300|50|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fnets4.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b5815d21981d5959835dc06be6b58df4f3bd7189652093d08bbdaddc40a5c00d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3497
expires
-1
si
googleads.g.doubleclick.net/pagead/drt/ Frame 20F7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Thu, 17 Mar 2022 23:47:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 20F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3N0FhcgzYozxBK-A9u8P7_mKiAzxz_uLaZSNseHoD9nZHhABILnb8yZglYKAgJgHoAHrwbq7AsgBAeACAKgDAcgDCqoE6wFP0A-VUGse0bJ2oQAtcLXrQc51wcnvFaSPF8ebjLaLfli7jTjbhZaC8q9DXpXV0unRciVQup8v2tt07zj269JobLU-vPIwBgbAH-cTkWfjiFfDVG9_x-6ipUXrGm-qJ-ODDz-bC_eokJXx_Ef5o6rjQePLP8zMi84Y1eSB8UySPNUf58AdLq5Ph8z3FuPFQm4A1jmQgCK6gJm8xhJ-0cp9nAoybX7XAuiBvoUVkW-ydMp670UqVdPxvMsSQ_AkN0BjVjHaBE6a0LBpJsP7J9LViFxB2py0fb2KBmFkRxYwj1umETuXlxrV48RCwASvw7HJ7wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHw7S_ywGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDP1ATSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDkwMzQ1Mzk3NDc0NTUzMBiLuXc&sigh=5sQvFFIctQQ&uach_m=[]&uap=&uapv=&uaa=&uam=&uafv=&uab=
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
r62eglto.js
ad4m.at/ Frame BB0C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=i40RNw==, md5=nlnmslSy2ZaL7/XdQ+Tixw==
date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29890
x-guploader-uploadid
ADPycdud40uO2Mf_WWaUQzp9I1nh9IXeGBItqXtMCs0VcfCRXQz1OChOrnOKdaxujHYAlenXrW_xURgYSHENuQAL-YN_EnuFLw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Mar 2022 15:28:50 GMT
server
cloudflare
etag
W/"9e59e6b254b2d9968beff5dd43e4e2c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXnzLuYQ7tZxHdOgcFqQGS5AkkYo1P%2Bd%2BlO976MdCBZpMy8GEiBZMww2pbphy%2BgW%2F%2BkrfjoSMDcHarmDIWUyJKJtfB2dLIqbHP1NqtoWbRzdu6egEDwJ9C8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647358130172556
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11881
cf-ray
6ed99ce44b0d9b58-FRA
expires
Thu, 17 Mar 2022 15:29:07 GMT
/
track.adform.net/csimpr/ Frame BB0C 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=38516437&csi=_BDk6UoszL6G9vgpHMbzS9H0RnBVOuATnKRWaOGiMrDrygPkIxxfkzjCeS0FJ35tp1HRtoZuH3a-zoYi0VjZLmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:17 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame BB0C 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-155.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a2abcde87c812822c1d61a1f153960d7e7394cb98577b4afbcf6c078214b34c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 15:16:56 GMT
Server
nginx
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=212
Connection
keep-alive
Content-Length
14724
Expires
Thu, 17 Mar 2022 23:50:49 GMT
csi
csi.gstatic.com/ Frame FA0B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1647560837770&c=2715648415418653&qqid=CL-3w7OqzvYCFc_JuwgdLfkI0w&rt=any.link.2.11.d.9.0.0.1bqf.1bi3~any.script.2.12.4.k.e.0.4nl.4f9~any.script.3.12.f.8.0.0.n1x.mtl~any.script.3.12.3.k.0.0.1od.1g1~any.script.3.12.3.k.0.0.ar1.aip~any.link.3.11.4.h.f.0.wc.o0~any.img.4.8.1.6.0.0.25u.1xi~any.img.4.9.2.7.0.0.gj.87~any.img.5.g.m.0.0.0.0.0~any.img.5.k.p.0.0.0.0.0~any.css.3l.8.1.7.0.0.8i2.89q~any.css.3n.q.4.8.e.0.m38.luw~any.img.85.8.1.6.0.0.25u.1xi~any.img.85.8.1.6.0.0.gj.87&met.a4a=dcl.1~ol.242~nvs.1647560837349~ini.1647560837771
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg12s38-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 24FD 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BYNm6A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 01F6 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?H2DwFg
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame BB0C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0246ba4e653f0b3a8594a606043c985275c5e447293fcb096b3add67fca67d6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 9AA8 		708 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 23:05:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 23:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 23:47:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9AA8 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1161 / 675 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Mar 2022 23:47:17 GMT
frame.html
ad4m.at/ Frame 7A1A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdtpjC_BIP2JYJZvmIEVoowNNyTqNe6BE0JRdKJ1uhQ6k3Yfe6DPCN0GjBPS_zYil04QuBTjwG5dQACzvgbqPw78EHDYzg
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
expires
Fri, 18 Mar 2022 00:47:17 GMT
cache-control
public, max-age=3600
age
2010482
last-modified
Wed, 06 May 2020 15:09:30 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmnQpc1Kd2S0Hb0D6HfWyz%2BlPZSgIRkEAH1XPzdTU5ZXZ0uozH8kVjUKKTJ4d9qHyVgdQ2ZgFQtclT1XpdndkobYwqPEJcChkdsZ8OqIoHhSqu3fpmkOJWA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6ed99ce548a05cb0-FRA
content-encoding
br
generate_204
tpc.googlesyndication.com/ Frame 73AC 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?N5jlAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 9AA8 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:55 GMT
x-content-type-options
nosniff
age
101782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:55 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame 9AA8 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 20:03:30 GMT
integrator.js
adservice.google.de/adsid/ Frame 9AA8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9AA8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9AA8 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1104500039895085&correlator=3301493206695530&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=1&adks=882885121&sfv=1-0-38&ecs=20220317&fsapi=false&eri=4&sc=1&cookie=ID%3Db1fca8d19217d8c8-22779edb60cd006c%3AT%3D1647560837%3AS%3DALNI_MZpQ5J-L4qQCOdeKBsTztxyTUQqHw&abxe=1&dt=1647560838048&dlt=1647560837903&idt=135&biw=1600&bih=1200&isw=345&ish=85&adxs=1244&adys=1121&oid=2&ucis=myfex0okfnde&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=345x0&msz=345x0&fws=256&ohw=0&ea=0&ga_vid=1003258889.1647560836&ga_sid=1647560838&ga_hid=360048562&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
78e337650847b61cc315a30f739483508ee400d63b10dae7ad8423dc8d25a092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11235
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CE2D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 17 Mar 2022 23:47:18 GMT
expires
Fri, 17 Mar 2023 23:47:18 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rs
ad4m.at/ Frame BB0C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3cedcd8ba11bc1819253dc1229bf5c0cbd7ace95a566d4d70958dfb5ce7f87

Request headers

Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6ed99ce62d0b9b95-FRA
date
Thu, 17 Mar 2022 23:47:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSJgS7yJtzRop9Jm34Ere%2F9Ob1r%2FyQfr0A2MHs0OEhAvbsW5tKfZLmJ0p7cPJom2AN4xugOu9KvW7EAeMK1PVTppVhGqwuDRcwWwoWqsMJYSMR6CniT%2ByTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-bjhb
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-bjhb
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDVQJyT3glUcWajDn8hNYvN9ACk6mVIn7r2yAaOztfXHrwUZJxlcWUwBTZ55tssBAkzJdCGy70hy5H5Kzca5c6IyEwG8luc1iJnIyKbdyZWklofliL7xMX8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ed99ce5fcd59b95-FRA
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9AA8 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
42d4f40591d67ed16b413ec6e8ed5ec49e4a26d3841322ea4e7c038d891f1687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 23:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10587
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9AA8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 23:47:18 GMT
rar
as.ad4m.at/ad/ Frame F48E 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=164567&b=m39hefx6V2FDBk3UmH8tjHzt2j8SDTwTbpFA&f=7Q4sqfJZQ1aZB47FrH6tqHECrXbcGT1TeBsM&c=300&d=50&e=OolEng4L_lusx6rDU-_eKr32sZM3OToa&g=90fffc08a3cb8bcd0a5cefd54f763700%2F8012973873249129233&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647560838122&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCiGmUhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwwJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj0tZiyv_2DfM0gMBOKpsAzpPh-9pW0h_HZGvrCBlRpbXcJi-bwgD2u1ZuAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2q5YmPfFCKpCmp61BVuKha454Fgg%26client%3Dca-pub-5413329544040947%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516437%3Bcrtbwp%3DYjPIhQAAVbEH_ZYKAAhSOysg_DA06Xuf1YxNJQ%3Bcrtbdata%3DjMNqeDmYZHgIk9qdCCgtc9qvyE9AGVDLhDPwpeeSDH60KFzw_Ga9MgL3A9aIACnCkzVso3BR7Lo2kfoM_TuyM2JKPWuLIq4KTwRQbOu329qag0nNn_TStNUtcbwk_EEt1ze_K0M1yVMAlSmKr0WpCxzqDCQv8EFw3xnkH6EPWp0LH1JAjXHfvHLKO70OaRj3qX_8TG3jcqB_ppLmovDQxTBiUvPiwFaXzzfDXRik1uTyzrZ0YIaR6wvpS6diP-Uea0PWi1yik87JmznXDEs5eLSHwVdZtoIoJHDuC3BYyXOQ__shu12iERMmgpn_XCjFQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3D_BodCXuBvX-CnyoDaqEmOhKhCcOyBLaCmjzxfh41Hvce_12Ggyl5RYMI44uQEshf0EL03mbyTNXB81ifIhuSCY3scUm5kCP3a7iCPj1oc7rTxbyfjJ0aoxDy8biJvemqF88uCtR-ZnnHoFEk39kKgMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fnets4.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f412a8a3886bdd1eb0ef84f81f3dc05c74ee0a25db828f09824bee7f370a7bb3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com/

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ed99ce66d8f9b58-FRA
content-encoding
br
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D1A9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 22:21:06 GMT
expires
Fri, 17 Mar 2023 22:21:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
5172
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1675 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
73706d5b0fa330b58b4ce7d098db061df4fd43eb9ff7a2961666059016f540f6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0EAME8dSQBHTlJbmoBGh7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 17 Mar 2022 23:47:18 GMT
date
Thu, 17 Mar 2022 23:47:18 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-0EAME8dSQBHTlJbmoBGh7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame B05D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=4370410053760033&bg=!oaKloubNAAba2mK92to7ACkAdvg8WkA8SC1_zYMNSldUfhL1QA6IHWjTYcWO22uMyAGmV0uwoCoK-gIAAAGKUgAAAAJoAQeZAvR2Y7Nni3Vmrk8vf7KDWnn3ZR1NUrh0jJiFbMG0Fr2LOCFNVjE1XRaytQLc28RzESuL4TsrrYbcqk1FkKhs7OtQ3sjWnC3VQ0VL9qp6iLaRkSE2YalRDbIDwmzFFGx7bkMvUNakz9_RwSPOB0pQY6S8kh-MBk-2vqvv67oMitnZHZaZjXtf9uWWn5U0WHkwrH6vHhrbFZGppwNzaX3IK1kEl9iUSZg6bsFzyDp9N1STWq_zkxZEhFzTW4P6XeDd7dxvNaleOxiCWOaX8Di34fFFRelosvbZhzXDcZmoY1-OJo5IVc3wIHtBLLfA1Iha_HH0JHHJUW6DE90hcEqA3ZX18X-7Y1NdoRQiLWJzPV-EJtkn2qzSdyttf1DzWmztT-SXJLWH9a7T9US2M_SbkgO4hHIYMmIxzZFzRWbMGxY3ERQpOCA1G8d5l7egCF3rLVtlHJY9eP4NzGy-SCrcPsqwR_7rp_QEVHgpB9RwBovR0mJacgCW2oK8b6wJ0mD0ciGbpCVoCfOiBQWQoIAHiFkiRYFuPqxogbMLa_XksT-sLgz4SRBBDrH3HTw70ZNT5c_XEe_SQOc01lplKJls1CEVQR2rx4haidzMIb_BzXnLaVW_FskrUVnQEzbyviA92bzasTQ1Vzr2XJB24CImPznqx0N9CB0FtroerOXBnQ7N2rbPC_qgFMxb_BlR8uS6STq_u_iOhWEKUHa0Cm2y0aIsqOZ0kS_pe1iJ8aM435aXPl85lrVoiazJolFD8t6Jh4PzHdOZr9CzT5QeYO8nWkPUPd-djQ_PzGUKBVVgiuwnYmkUe9DRxeFR9ehZmxVA5xmNjM4UCgi8Iwbc9JyBUBEvf775HuX0pBQbK4CxTD3HdqOcJTMiYzUZwmw654BG1WvHgilLr43CpRD5LeUnPH3ylR7nGyDQBymDq_e7DcNW3TJSwYcWe907tmTgcHRQb8tTGrNuEqV7F8XrGNd2QXp63Agk4wCFitBgT60dUnOCsjCcdX4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame F48E 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164567&b=m39hefx6V2FDBk3UmH8tjHzt2j8SDTwTbpFA&f=7Q4sqfJZQ1aZB47FrH6tqHECrXbcGT1TeBsM&c=300&d=50&e=OolEng4L_lusx6rDU-_eKr32sZM3OToa&g=90fffc08a3cb8bcd0a5cefd54f763700%2F8012973873249129233&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647560838122&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCiGmUhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwwJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj0tZiyv_2DfM0gMBOKpsAzpPh-9pW0h_HZGvrCBlRpbXcJi-bwgD2u1ZuAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2q5YmPfFCKpCmp61BVuKha454Fgg%26client%3Dca-pub-5413329544040947%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516437%3Bcrtbwp%3DYjPIhQAAVbEH_ZYKAAhSOysg_DA06Xuf1YxNJQ%3Bcrtbdata%3DjMNqeDmYZHgIk9qdCCgtc9qvyE9AGVDLhDPwpeeSDH60KFzw_Ga9MgL3A9aIACnCkzVso3BR7Lo2kfoM_TuyM2JKPWuLIq4KTwRQbOu329qag0nNn_TStNUtcbwk_EEt1ze_K0M1yVMAlSmKr0WpCxzqDCQv8EFw3xnkH6EPWp0LH1JAjXHfvHLKO70OaRj3qX_8TG3jcqB_ppLmovDQxTBiUvPiwFaXzzfDXRik1uTyzrZ0YIaR6wvpS6diP-Uea0PWi1yik87JmznXDEs5eLSHwVdZtoIoJHDuC3BYyXOQ__shu12iERMmgpn_XCjFQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3D_BodCXuBvX-CnyoDaqEmOhKhCcOyBLaCmjzxfh41Hvce_12Ggyl5RYMI44uQEshf0EL03mbyTNXB81ifIhuSCY3scUm5kCP3a7iCPj1oc7rTxbyfjJ0aoxDy8biJvemqF88uCtR-ZnnHoFEk39kKgMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fnets4.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=164567&b=m39hefx6V2FDBk3UmH8tjHzt2j8SDTwTbpFA&f=7Q4sqfJZQ1aZB47FrH6tqHECrXbcGT1TeBsM&c=300&d=50&e=OolEng4L_lusx6rDU-_eKr32sZM3OToa&g=90fffc08a3cb8bcd0a5cefd54f763700%2F8012973873249129233&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647560838122&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCiGmUhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwwJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj0tZiyv_2DfM0gMBOKpsAzpPh-9pW0h_HZGvrCBlRpbXcJi-bwgD2u1ZuAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2q5YmPfFCKpCmp61BVuKha454Fgg%26client%3Dca-pub-5413329544040947%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516437%3Bcrtbwp%3DYjPIhQAAVbEH_ZYKAAhSOysg_DA06Xuf1YxNJQ%3Bcrtbdata%3DjMNqeDmYZHgIk9qdCCgtc9qvyE9AGVDLhDPwpeeSDH60KFzw_Ga9MgL3A9aIACnCkzVso3BR7Lo2kfoM_TuyM2JKPWuLIq4KTwRQbOu329qag0nNn_TStNUtcbwk_EEt1ze_K0M1yVMAlSmKr0WpCxzqDCQv8EFw3xnkH6EPWp0LH1JAjXHfvHLKO70OaRj3qX_8TG3jcqB_ppLmovDQxTBiUvPiwFaXzzfDXRik1uTyzrZ0YIaR6wvpS6diP-Uea0PWi1yik87JmznXDEs5eLSHwVdZtoIoJHDuC3BYyXOQ__shu12iERMmgpn_XCjFQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3D_BodCXuBvX-CnyoDaqEmOhKhCcOyBLaCmjzxfh41Hvce_12Ggyl5RYMI44uQEshf0EL03mbyTNXB81ifIhuSCY3scUm5kCP3a7iCPj1oc7rTxbyfjJ0aoxDy8biJvemqF88uCtR-ZnnHoFEk39kKgMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fnets4.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
274577
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Mon, 14 Mar 2022 19:31:01 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6ed99ce6c9ef5cb0-FRA
cf-bgj
minify
3BEAA4BEC8C68B4DBCB39C60D3C91CDA9CFD36F8CD48173A1A38842CF7827896E7A05D6B2E1C8A48F7867FE837024BCA616ACB4CDD47C2F63C1A9C709B28E99C
assets.ad4m.at/product_image/ Frame F48E 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/3BEAA4BEC8C68B4DBCB39C60D3C91CDA9CFD36F8CD48173A1A38842CF7827896E7A05D6B2E1C8A48F7867FE837024BCA616ACB4CDD47C2F63C1A9C709B28E99C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164567&b=m39hefx6V2FDBk3UmH8tjHzt2j8SDTwTbpFA&f=7Q4sqfJZQ1aZB47FrH6tqHECrXbcGT1TeBsM&c=300&d=50&e=OolEng4L_lusx6rDU-_eKr32sZM3OToa&g=90fffc08a3cb8bcd0a5cefd54f763700%2F8012973873249129233&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1647560838122&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCiGmUhcgzYrGrAYqs9u8Pu6Sh8Azz2KuTXMm81LOiB8CNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01NDEzMzI5NTQ0MDQwOTQ3yAEJqQLtjfzbp6OyPuACAKgDAaoEwwJP0LRqCQ6tQESdzHargpXUdGBi0zuRMffh2frEpD0ibTLAeJGpWKNuosHQGM9p-do5TKOlnODlge_Af8s3jDw2Qzh-WL8Y47yn5QzGWBeOrhp0_C7wEZHDB1n9ru_Whax9WnzdbPAMTXxP1VZlaXPHyXdWsTf5DEmVG6oWxQRXv_v0gqJ947cPOnVpUpW4QwzPerltQvX1h-k_ikzctDv1eppqa0QJ1XI_tOcBZOPZiwnYagaAhg2w_a4FgN6uXLnKzuVZQcPDDiuIYDqBeIDwH3m65lAauE91xdseRct4jHihU05vNv-QiRk1XsEJMc1W8Cye5-S5_CUb0jzsu8XvSXef53Lb7PXBrhF6DDoiOyQ84VqKr575Kj0tZiyv_2DfM0gMBOKpsAzpPh-9pW0h_HZGvrCBlRpbXcJi-bwgD2u1ZuAEAYAGk53h3smo1OVVoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2q5YmPfFCKpCmp61BVuKha454Fgg%26client%3Dca-pub-5413329544040947%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516437%3Bcrtbwp%3DYjPIhQAAVbEH_ZYKAAhSOysg_DA06Xuf1YxNJQ%3Bcrtbdata%3DjMNqeDmYZHgIk9qdCCgtc9qvyE9AGVDLhDPwpeeSDH60KFzw_Ga9MgL3A9aIACnCkzVso3BR7Lo2kfoM_TuyM2JKPWuLIq4KTwRQbOu329qag0nNn_TStNUtcbwk_EEt1ze_K0M1yVMAlSmKr0WpCxzqDCQv8EFw3xnkH6EPWp0LH1JAjXHfvHLKO70OaRj3qX_8TG3jcqB_ppLmovDQxTBiUvPiwFaXzzfDXRik1uTyzrZ0YIaR6wvpS6diP-Uea0PWi1yik87JmznXDEs5eLSHwVdZtoIoJHDuC3BYyXOQ__shu12iERMmgpn_XCjFQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3D_BodCXuBvX-CnyoDaqEmOhKhCcOyBLaCmjzxfh41Hvce_12Ggyl5RYMI44uQEshf0EL03mbyTNXB81ifIhuSCY3scUm5kCP3a7iCPj1oc7rTxbyfjJ0aoxDy8biJvemqF88uCtR-ZnnHoFEk39kKgMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fnets4.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
878632016def33489e208a16bff0c9133546ca3582fc3629bd40b224b3800240

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=joRARA==, md5=li1x0TqEVQfZ/1ck+tRhZA==
date
Thu, 17 Mar 2022 23:47:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13180
cf-polished
origFmt=gif, origSize=13216
x-guploader-uploadid
ADPycduWs1yqqEnvoqfPPHjXeUhIL1YQUU6y8Iut2RgXC4BsKnWYXPf_cFD24EwOJxX60-h19_3nFuaMxbQ1JleO8xsCkXNURA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9928
last-modified
Tue, 01 Mar 2022 17:03:45 GMT
server
cloudflare
etag
"962d71d13a845507d9ff5724fad46164"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clYN6Lhst50VhGurVsqgyEX8Y6JWynLPYLpI9S7WVeFB5nFybFWmdqloGts6QAlEnvokmBsKFcDZBDQyb1YOl%2BC88hZhuzbnr0d0uYTJPZn4zJYWdE%2FGfkrlm%2Fahe4AH"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1646154225478742
content-type
image/webp
expires
Fri, 18 Mar 2022 23:47:18 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
13216
accept-ranges
bytes
cf-ray
6ed99ce6cdf59b58-FRA
cf-bgj
imgq:85,h2pri
sodar
pagead2.googlesyndication.com/pagead/ Frame 1675 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=1104500039895085&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
pagead2.googlesyndication.com/bg/ Frame D1A9 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:42:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
11070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 20:42:48 GMT
container.html
6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E299 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f129.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 23:47:18 GMT
expires
Fri, 17 Mar 2023 23:47:18 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/287fcc7395d82c1d12b6fa69cd571f6f:d04a63faeba2f32447dda01da78a60b5de75561ea445869beb6dae87ad247914d09731a3e95947a38b9cfdffb91f884f1f0a29ffd7e9f545658934b7a8db4f206a2b731372bde45... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/287fcc7395d82c1d12b6fa69cd571f6f:d04a63faeba2f32447dda01da78a60b5de75561ea445869beb6dae87ad247914d09731a3e95947a38b9cfdffb91f884f1f0a29ffd7e9f545658934b7a8db4f206a2b731372bde45f2a4bacafc774c6b19d7db21dcbcac1cf7ca6e71bdc7b68ec/i?id=80e81e8c-20a6-4212-82cc-dbadeb3d45a5&ts=1647560838223
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
ec110eef-3547-4e66-8a5c-d1ad6dbba822
i
api.purpleads.io/x/a/287fcc7395d82c1d12b6fa69cd571f6f:d04a63faeba2f32447dda01da78a60b5de75561ea445869beb6dae87ad247914d09731a3e95947a38b9cfdffb91f884f1f0a29ffd7e9f545658934b7a8db4f206a2b731372bde45... 		0
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/287fcc7395d82c1d12b6fa69cd571f6f:d04a63faeba2f32447dda01da78a60b5de75561ea445869beb6dae87ad247914d09731a3e95947a38b9cfdffb91f884f1f0a29ffd7e9f545658934b7a8db4f206a2b731372bde45f2a4bacafc774c6b19d7db21dcbcac1cf7ca6e71bdc7b68ec/i?id=80e81e8c-20a6-4212-82cc-dbadeb3d45a5&ts=1647560838223
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2dkcmZpcm0uY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

access-control-allow-origin
https://nets4.com
date
Thu, 17 Mar 2022 23:47:18 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
7b909620-d76b-4934-9583-e98f53e4d887
adview
securepubads.g.doubleclick.net/pagead/ Frame E299 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C994FhsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgS9Ak_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquatE1_7nVxxiyTgSKsYRkVKCYt0dZcKMQtf3XxnAgmpDk0KivHOx4AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NDEzMzI5NTQ0MDQwOTQ3GMGMdA&sigh=uS0ghbF9jK8&uach_m=[UACH]&cid=CAQSPACNIrLMRm2LOTfzv5hK0ukFi1czY8l5-3nUvJv8TYE9EL92_mvl4BeHTB1EvmF-FG5cUXD0o8EEKRR1BhgB
Requested by
Host: nets4.com
URL: https://nets4.com/domain/gdrfirm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ShowAd
brain.rvty.net/RTB/ Frame 5FA6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
d97b44cbd5f371d1b1627c3ca414f9c1bd49e74294fc4407fc81f2176851c67a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/

Response headers

Server
nginx/1.13.4
Date
Thu, 17 Mar 2022 23:47:18 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding
gzip
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame E299 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 21:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 21:16:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BC39 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 17 Mar 2022 05:53:44 GMT
expires
Fri, 18 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
64414
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E299 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 23:47:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame E299 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
server
cafe
etag
1939740185073438140
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 22:54:39 GMT
l
www.google.com/ads/measurement/ Frame E299 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLiyscr0m15W_KWZBflOS-wrY92axR_0QdtPqWK01XEVWHreYgW68R3sBAbTdyfXYSNWgtT8vNzJV_cXs4tG_b-HftAw
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E299 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 07:28:28 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BC39
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA1qVv8sQYolXAl4rwKlYJM&google_cver=1&google_push=AYg5qPL-Z-7f6Jhh827D8-6kNEXHZki3e53dOQdMOZTrX437qcTnVO-lZDDD5S6HZ8iOoYxeujj6Vl-Ceb80bT7mJEecRbiqBkh7
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAyMzA1MTYxNTAwODI3MTc0Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA1qVv8sQYolXAl4rwKlYJM&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA1qVv8sQYolXAl4rwKlYJM&google_cver=1
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA1qVv8sQYolXAl4rwKlYJM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC39
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIxpZsq9-9qEpLDAkUqipaw&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIxpZsq9-9qEpLDAkUqipaw&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aU1ZVkE0eXIxTnVaUFU1&google_gid=CAESEIxpZsq9-9qEpLDAkUqipaw&google_cver=1&google_push=AYg5qPKOajbofl16mt_1i5XMzTm7c9XyW3gLta9QJJjScu8...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aU1ZVkE0eXIxTnVaUFU1&google_gid=CAESEIxpZsq9-9qEpLDAkUqipaw&google_cver=1&google_push=AYg5qPKOajbofl16mt_1i5XMzTm7c9XyW3gLta9QJJjScu82rvKSzIsR3OTIP4ke76qxmj6b1YW4Ut_Nb1KoMiKEOpz4wxuiQYY
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 23:47:17 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aU1ZVkE0eXIxTnVaUFU1&google_gid=CAESEIxpZsq9-9qEpLDAkUqipaw&google_cver=1&google_push=AYg5qPKOajbofl16mt_1i5XMzTm7c9XyW3gLta9QJJjScu82rvKSzIsR3OTIP4ke76qxmj6b1YW4Ut_Nb1KoMiKEOpz4wxuiQYY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC39
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECvmQd_iuynAEeVPNlUDyB4&google_cver=1&google_push=AYg5qPJ9o8TWn2Gj3wUnY3axc2ZSTrwMozCGmwp-7LVECTxs4lxr8BkfKu_DADX6wRGNCjbqu0TiYomY8HKudIAm_K9EBba...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECvmQd_iuynAEeVPNlUDyB4&google_cver=1&google_push=AYg5qPJ9o8TWn2Gj3wUnY3axc2ZSTrwMozCGmwp-7LVECTxs4lxr8BkfKu_DADX6wRGNCjbqu0TiYomY8HKudIAm_K9EB...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ9o8TWn2Gj3wUnY3axc2ZSTrwMozCGmwp-7LVECTxs4lxr8BkfKu_DADX6wRGNCjbqu0TiYomY8HKudIAm_K9EBbagK-G6
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ9o8TWn2Gj3wUnY3axc2ZSTrwMozCGmwp-7LVECTxs4lxr8BkfKu_DADX6wRGNCjbqu0TiYomY8HKudIAm_K9EBbagK-G6
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ9o8TWn2Gj3wUnY3axc2ZSTrwMozCGmwp-7LVECTxs4lxr8BkfKu_DADX6wRGNCjbqu0TiYomY8HKudIAm_K9EBbagK-G6
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame BC39
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPGRv5b04b9ziu9LeHnIJjc&google_cver=1&google_push=AYg5qPK6N-N9V2Co1PcnPsVmB0-N98VqvrvAmQeERERGD0zU3NbwWn5nkuAdrhUiYeKyV-WwHnzj-CqK...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY5MzI1NjUyOTg2NDU2ODUzMg&google_push=AYg5qPK6N-N9V2Co1PcnPsVmB0-N98VqvrvAmQeERERGD0zU3NbwWn5nkuAdrhUiYeKyV-WwHnzj-C...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY5MzI1NjUyOTg2NDU2ODUzMg&google_push=AYg5qPK6N-N9V2Co1PcnPsVmB0-N98VqvrvAmQeERERGD0zU3NbwWn5nkuAdrhUiYeKyV-WwHnzj-CqK1NOscdRV7JXMSN7qV-2j
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY5MzI1NjUyOTg2NDU2ODUzMg&google_push=AYg5qPK6N-N9V2Co1PcnPsVmB0-N98VqvrvAmQeERERGD0zU3NbwWn5nkuAdrhUiYeKyV-WwHnzj-CqK1NOscdRV7JXMSN7qV-2j
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame BC39
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJ6qctR6T5OHYnV6j-IesA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJ6qctR6T5OHYnV6j-IesA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ_6uCRIbi0uv68eOzlegRYgqWFOUaXSNRDhC7hx5WIn47GnPhn_GGWNUajoOqhsqJdTFJKLtFXElAEWw3AnYQIi9zWg4OP
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJ6qctR6T5OHYnV6j-IesA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ_6uCRIbi0uv68eOzlegRYgqWFOUaXSNRDhC7hx5WIn47GnPhn_GGWNUajoOqhsqJdTFJKLtFXElAEWw3AnYQIi9zWg4OP
date
Thu, 17 Mar 2022 23:47:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame BC39
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayR...
0
0
dot.gif
s0.2mdn.net/ Frame BC39 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEOEOASWzvNyRpl2BwwsPYX0&google_cver=1&google_push=AYg5qPIWRSi-NPfydxlnlq_snlXbpM2qxgrG09LC7X5SyhI9M0Gl-Tog2aQvBENzeDagRt94mJf7xSf0auW2n_La51jU7BwgsBuj
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Mar 2022 23:47:18 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BC39 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLMoUWZysVy9mBEY4TVMVJXVnHcIBPnz9rBJCtiQ0Dbog2yMor_LQF-GpVBn9P7-Ko5T59Sw
Requested by
Host: 6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
URL: https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ads_view.js
cdn.rvty.net/view/ Frame 5FA6 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rvty.net/view/ads_view.js
Requested by
Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.242 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Last-Modified
Fri, 20 Dec 2019 09:27:25 GMT
Server
nginx/1.13.4
ETag
"5dfc93fd-d40"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3392
generate_204
tpc.googlesyndication.com/ Frame D1A9 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kh8pKQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame E299 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4383d72fd6ad435e144ced5b6f56393eebd4c321ea168114eeb2d7fe5cb4ac3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
2mxc7hyuwk9b
ad.ad-srv.net/zone/ Frame 5FA6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/zone/2mxc7hyuwk9b?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195234%2526t%253D1647560838319%2526l%253D-873437515%2526p%253D3%2526appid%253D%2526aa%253D6233c886-0002-2b70-08bb-c04dcd0e909b%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D
Requested by
Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
91f027887307865b67fca7f39a5a7c3bb9606576dd5a874809baf21bd3fb5400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3569
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
ad13.ad-srv.net/ Frame 5FA6
Redirect Chain
  • https://ad13.ad-srv.net/request.php?zone=2mxc7hyuwk9b&nw=14&renderingType=javascript&namespace=cdc5a7ffdd&subid=&uid=31c631295af670d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x2...
  • https://ad13.ad-srv.net/request.php?zone=2mxc7hyuwk9b&nw=14&renderingType=javascript&namespace=cdc5a7ffdd&subid=&uid=31c631295af670d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x2...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.ad-srv.net/request.php?zone=2mxc7hyuwk9b&nw=14&renderingType=javascript&namespace=cdc5a7ffdd&subid=&uid=31c631295af670d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195234%2526t%253D1647560838319%2526l%253D-873437515%2526p%253D3%2526appid%253D%2526aa%253D6233c886-0002-2b70-08bb-c04dcd0e909b%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6003674062224&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Server
116.202.48.214 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
5d15bc2a140397dbe6b9a06a75b0bcc2ce6a1e385aaeedd8115dfa03f59b3199

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 23:47:18 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
43017500005044800906793011902013
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
886
Expires
Thu, 17 Mar 2022 23:47:18 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 23:47:18 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=2mxc7hyuwk9b&nw=14&renderingType=javascript&namespace=cdc5a7ffdd&subid=&uid=31c631295af670d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195234%2526t%253D1647560838319%2526l%253D-873437515%2526p%253D3%2526appid%253D%2526aa%253D6233c886-0002-2b70-08bb-c04dcd0e909b%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6003674062224&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 17 Mar 2022 23:47:18 +0100
gen_204
pagead2.googlesyndication.com/pagead/ Frame A564 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=2200086145419923&bg=!DQ6lDkrNAAba2mK92to7ACkAdvg8WpTJaw3S6WgIhmzHouUTlUiEzMiYXFWl_dlbf1mVCUwOEHETngIAAAGsUgAAAApoAQeZAvkdcRD3ZROky5d7wl21UqNC2UPWwSdTaxQ3RYAtaHTjRueZauNE9zXU0jWcclS_rjwBBHsyBJ3lXG4Vq02jYKs_4lwhzXrn9rlOm3_RV7U76IfnuiyNbymy_Uq2D8N6vN4m10CMZbtdPYx_VYOivDSTrKtRQ0yNIlzauu4lslUsfjqu3mBoHuBm7CJerodkUM_0aPv7VER0ekobG1K-bqU0qmUeHcwmA_pSc-12DMXJcWVCQ3v09HxURnA_EQEHaVDaKLxq_lGDxs-b8WN7RPH88V9CehaTLf9NMrjJ4mcmlXM9S5UnGJ8POI8Tnoen6O-WgsdmZFZjgxUVfW2gGCpXFenaj4xx87-cL2OtzPPBneCTIYaU9llWqfXXAs05-NiXIAfBh2Nj5upqeyIVmRBWgt78cIZDEpquttu_dgOkpMvLPexWiIeaLUg7jrmF1gjR1iFtzXpFeU_A1ijqqjn_u1OwwF6T-oJyIqgiPtQ3q4pkQMQJTrwa6gegQY42_bn5xAF5TJ0anPXpz8N_IIf_XiJiHP4g_lBCnK2BeIeTtWp9wr1j3ATI3qtdaxory_Rpf35BlzfgNAPQZNBuEnV6UabdmwM4615yzWKg8J6cs_iLsXTM8yDOV9bGWv8Bcs2fvyDAqM5gzhYqrG55vvWwaVuVLBQIwz8pfZfSoAWIWQkxGnFJBBQIzLdyQTiUwX7kkdkOx-Qk2E6KPbxiwPQUS1nYoOUHkDQHYWmM9wdtuAz8Mkzjwi5OqsKAQ87Nq3u2OduGya7YUHYNH879CZ53O-_riwrzFuXpRKK8ddQx8scES_Qz-0NGCGn15FzjkiO8OQWYILnIZpxJ56iCZcPwiT7KnVsObEjLQu3xBEtiVSZmPG-kN7d-GLB4bot1bV5iNbwA6XU4BASlU8l7MF-qwHGRMOsXVSE1sO4HQaS42FQnQZWzJhmNYcwoXyUpq_LvmSmVsem9dLaMORKYqsZy-UpTKLy9DfyVKdlCLXAH5LrpShSIZClQsw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 510D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=2395145190883052&bg=!OzilOHzNAAba2mK92to7ACkAdvg8WhUOjWuiLiCH8tZCgpGABfPNO3su5_M_3jjcYev_fJSGll7e_QIAAAHvUgAAAAJoAQeZAut3Ww4LckV_GY1DuU_fEHTrGtpLnJV55ibTws_ABjO5moEnyBHsDo2t3mP54nSNpEJ31z1h-qecOFa5N2t3Zc6i74H6XvGSOxQPDHHKTbLWHRp5Waqz9YhYzPRFceGZG3VEYvZW5dgtI2BZdRzLSFgE6wYgAXQDSrpuImgGBMWK2fgKP_RyxHpUOTc0uG6ipvWmmnRiXyoZQA2cAXjg77-WbYnKJsy3UEAW5lHRUKizopIZfDjnaRHDrBJgBWCMEkezlXyWD2bk4CrRgheO38pp_vJPuUObkguRKOCVrgMDN5hgmnI7jBGmjOxx7FvsDg3WbviGzDOLxRhlVVwMk4Sg0bA05Q0PHJ5S14aPuA0oZe_UXhfzPPURP2HGhi1gX7bhAM-ehDvBAmMJnpGmWz3LUxYlRvu_hJRl85CAI2SwQlx4ijnAz0NcGjWwvgRi6llgrQwu3MwVUzPNjWv7oeqNgevmygsjKZjPYM3rr58k0awLPCY2APGxCp_XcI19bnpL9oehFzcDNa4hZ4ClPsKGaWQCdI2Cl2Lihk2JVxvTQ9E0pQNU4m0BxnBcwxanEb6eeqd7BqveGPKV50hJ3Di9425sclJyJcs_QSA-UcgC_x_Y4uPojSlXzyUyEzYSI8i3hbDlOPhZonmrGFEJD05VAjmxPUHqLABArdbM9zcRbC88f0JHDgOnzXvGBE0iTAil449UsA4jIHp5paj1TIQ4kcRLxCVYdobcx6x_N033fjl5G3eSso789EnfaGX3FPWhXNQFnkLSMEERvwJ1hHFvIzl2zt4wo5E_lYyIKgVaRN_-lmzFeM1eA2_W7BN1beg92Qk81Vq6LG-jORUyuGUJg-3fg4CUG7XTF1JuEXGdoNioqjhwHTXcS8qqz4QIGnZKPDUZ0NiPfivApVTVahug4RuIQCAQUR_wz6y1qCfsBPB1770h96je145BfWZSbz1dtMpakcEaoOGiK9Vg3ECB7I4sciENgJQTWPo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB53 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=2715648415418653&bg=!q6ilqOzNAAba2mK92to7ACkAdvg8WiJX5vUi3ZXoYx1sb7nlS8_xhLpYi4cN76kfD8hs_Y9IeZ4u1QIAAAF9UgAAAAFoAQcKACmO4r0LBBFfuJYbpcN4nIrbiPr6cDUMML6HEc98HAqnd9nSMbzgF_fK3ZkC2XxjQnueSfywleozA0W9tTVg3LjZKvTZD3ctGxbnyVF5-z8MubKPPpqEUYVA8muldH0liME2FTpDO_iTbCErCteFconJPjWKhF-BCybnnCED5dtDrJY9yUMp0aYMsUL4efpbN5_jjtWq_8RpxOobSxmG4rPEiRnE74XMVa76VF6rxcrJc_4YpxvbI0eyJGEglFR4gqh6-9GJiM-Jq-smWObc6KgEqAXeLfCSpZzrjr_Zod7j3wWUZZzoQv1mvlADzwHWyCP4cnzHPVQuoxvOJpse64bttMkg0EDO0IvBnWsaxr7mGb2i0f3CGHvIuDQDJR4VTL1QcjslLmYZjnVmZYMT4GTZKl5uQC53OReFfnfcuoWC8CmL-j96HtkM_pWlZ-wi1I6U958oNoCQmoEncOmB1KsrCR_WRbyl9wt-DgorAptNi5yvTctTzJa_uVPGD8XQ9yK3uM9Cq2_n9PmrS8-Oe8w-MkUq6_SK3fsX82hr_ANwx3QDzhiSp4tJytKBsXmFDCw30Zxniu82WgtWi_oMKpAdiQN48OsVZpNyoCio1NssDI-a6HLdAA7XMpGxnV0OxU4unSniDWpEzqItWOYhGCNEhjLDVn2-z0llvafSkAzhJZkgz6VFCGkWbYU4y9mT9EZvHC2zG1USRXyxaehgjlZ8YFZcIfPU8HDFQxuXnxZGdXGE9EsWqvEnVPVCOhg-ZMldV1DBip9tncNc592-ICv3Cg1aYY5R8ITrABMNQOp0VPwXJMqZcwbPlfc5FGEw8ZnygA34mgz5HRtDf9lgK_A4cL6X-CX6TbfOfGpF_ClGJYRO7emJq-MTNaDPgthEjQ-IPXCfU107qTbXzmKz-8wkdQykmknLcTDir1YUcWpwKq2hXIGfQC67cjtVJaGF0pfSNIIfTTiZ3H7CuY7QL2l3J_4V8-g7TAbBduNZAVFG_kxVYBDOuCOPYCwwaC6H_E_azLHi-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cshow.php
www.awin1.com/ Frame D662 		43 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2548147&v=14098&q=379099&r=278235&pv=1&pref1=43017500005044800906793011902013&gdpr=&gdpr_consent=
Requested by
Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request.php?zone=2mxc7hyuwk9b&nw=14&renderingType=javascript&namespace=cdc5a7ffdd&subid=&uid=31c631295af670d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195234%2526t%253D1647560838319%2526l%253D-873437515%2526p%253D3%2526appid%253D%2526aa%253D6233c886-0002-2b70-08bb-c04dcd0e909b%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6003674062224&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/

Response headers

Content-Type
image/gif
Content-Length
43
Expires
0
Pragma
no-cache
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Thu, 17 Mar 2022 23:47:18 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
ztpv.php
www.conrad.de/ Frame 0042
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470167&v=11354&q=371933&r=278235&pv=1&pref1=43017500005044800906793011902013&gdpr=&gdpr_consent=
  • https://www.zenaps.com/cshow.php?pvr=94d49d91-a64c-11ec-81bc-2262d3a2196d&v=11354&r=278235&q=371933&s=2470167&viewref=43017500005044800906793011902013&pv=1&gdpr=&gdpr_consent=
  • https://www.conrad.de/ztpv.php?awc=11354_278235_1647560838_94d49d91-a64c-11ec-81bc-2262d3a2196d&insert=AW
0
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.conrad.de/ztpv.php?awc=11354_278235_1647560838_94d49d91-a64c-11ec-81bc-2262d3a2196d&insert=AW
Requested by
Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request.php?zone=2mxc7hyuwk9b&nw=14&renderingType=javascript&namespace=cdc5a7ffdd&subid=&uid=31c631295af670d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195234%2526t%253D1647560838319%2526l%253D-873437515%2526p%253D3%2526appid%253D%2526aa%253D6233c886-0002-2b70-08bb-c04dcd0e909b%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6003674062224&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.126.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/

Response headers

date
Thu, 17 Mar 2022 23:47:18 GMT
content-type
text/html; charset=UTF-8
server-timing
intid;desc=e12d43f5d53cfd30
cache-control
no-cache
expires
-1
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
638534585
age
0
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
6ed99cea1a539018-FRA
content-encoding
br

Redirect headers

Content-Length
0
Location
https://www.conrad.de/ztpv.php?awc=11354_278235_1647560838_94d49d91-a64c-11ec-81bc-2262d3a2196d&insert=AW
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Thu, 17 Mar 2022 23:47:18 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
777bd5a420f1e98f2e63f2d600b0d120
pv.medialead.de/trck/epv/ Frame 5FA6 		931 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/777bd5a420f1e98f2e63f2d600b0d120?subid=43017500005044800906793011902013&ctrack=[RD_ENC_CLICK_ENC]
Requested by
Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request.php?zone=2mxc7hyuwk9b&nw=14&renderingType=javascript&namespace=cdc5a7ffdd&subid=&uid=31c631295af670d9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D128293778%2526a%253D195234%2526t%253D1647560838319%2526l%253D-873437515%2526p%253D3%2526appid%253D%2526aa%253D6233c886-0002-2b70-08bb-c04dcd0e909b%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6003674062224&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
20e9059774ce4fb51f6fc6cb6a685df978a661144feb964bc86b428cef709320
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
D9409706:807C_91EFC182:01BB_6233C886_EB0C989:F724
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=utf-8
Cache-control
private
Keep-Alive
timeout=20
Content-Length
931
Proxy-Host
pv.medialead.de
view.aspx
pb.media01.eu/ Frame B6FA 		0
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50149&dt_subid2=43017500005044800906793011902013&actionid=981741&produktid=&dt_url=
Requested by
Host: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/777bd5a420f1e98f2e63f2d600b0d120?subid=43017500005044800906793011902013&ctrack=[RD_ENC_CLICK_ENC]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 18 Mar 2022 12:47:18 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Thu, 17 Mar 2022 23:47:18 GMT
content-length
0
pb_ratenkredit_160x600.jpg
ad-server.eu/wm/pb/rate/aktion/ Frame 5FA6 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_160x600.jpg
Requested by
Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
15a725aba814e5482334099de61998b00bee38c8c24b42f34563ada600b877b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:52:51 GMT
Last-Modified
Wed, 02 Feb 2022 09:48:01 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"61fa5351-37c8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14280
request_content.php
ad13.ad-srv.net/ Frame F3A2 		42 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
Requested by
Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
caedde1e9c3337a0db41760cac318f03b2f620cc86f958f3b7051693e6d8427e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/

Response headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 17 Mar 2022 23:47:18 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
7930
Connection
close
Content-Type
text/html; charset=utf-8
jquery-1.10.2.min.js
cdn.rvty.net/_files/js/ Frame 837A 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.242 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Last-Modified
Wed, 08 Jan 2020 08:13:37 GMT
Server
nginx/1.13.4
ETag
"5e158f31-16bb3"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93107
viewability
ad13.ad-srv.net/ Frame F3A2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.ad-srv.net/viewability?s=43017500005044800906793011902013&a=d611930b&vb=m
Requested by
Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
postbank_234x60.gif
cdn.contentspread.net/oliro/advertiser/44034/creativesup/ Frame F3A2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/oliro/advertiser/44034/creativesup/postbank_234x60.gif
Requested by
Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.65.99.88.clients.your-server.de
Software
nginx /
Resource Hash
f4eb55c4e5fa4a98232581c0bd2aba039df9d418239ef87489d3af0388d19c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad13.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Last-Modified
Fri, 20 Dec 2019 09:30:13 GMT
Server
nginx
ETag
"5dfc94a5-695"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
1685
22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x60.png
media.kaspersky.com/de/affiliates/ Frame F3A2
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2548147&v=14098&q=379099&r=278235&pv=0&pref1=43017500005044800906793011902013&gdpr=&gdpr_consent=
  • https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x60.png
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x60.png
Requested by
Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
Protocol
H2
Server
185.85.15.31 , Germany, ASN200107 (KL-EXT, CH),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
d1e8b86755b94e3d65d8411538bc4415ab4be5c76a40aee11856fd0585ea4247
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad13.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 14 Jan 2022 13:27:39 GMT
server
x-powered-by
Kaspersky Labs, Kaspersky Labs
etag
"c684b7804a9d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
x-server
fr2/KLM7
accept-ranges
bytes
content-length
12116
date
Thu, 17 Mar 2022 23:47:17 GMT

Redirect headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x60.png
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
easter_120x60
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame F3A2
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470167&v=11354&q=371933&r=278235&pref1=43017500005044800906793011902013&gdpr=&gdpr_consent=
  • https://www.zenaps.com/cshow.php?pvr=94e71421-a64c-11ec-81bc-2262d3a2196d&v=11354&r=278235&q=371933&s=2470167&viewref=43017500005044800906793011902013&gdpr=&gdpr_consent=
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_120x60?format=gif
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_120x60?format=gif
Requested by
Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
Protocol
H2
Server
178.79.242.245 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-245.fra.llnw.net
Software
Cliplister GmbH /
Resource Hash
fd69041cd34fd4720f2c8b5537d10bc66a2f9c2400bd1ced969eb47b84827f88
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad13.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
etag
"622f390c-3a23"
last-modified
Mon, 14 Mar 2022 12:46:04 GMT
server
Cliplister GmbH
age
126420
date
Thu, 17 Mar 2022 23:47:18 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=172800
x-server
c06
reporting
eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjc4S19QQnp6M05xQjdEeTBzUEhMb0xnQVQiLCJ1dWlkIjoiMjE3ZmNhYWNjZTdhNDFkMzkwZjNjZjNhM2U3OWY0YmEiLCJhc3NldHR5cGUiOiJwaWN0dXJlIn0=
x-llid
73309ef0e5ab2657995dffcc59cb5017
content-length
14883
accept-ranges
bytes
expires
Fri, 18 Mar 2022 12:40:18 GMT

Redirect headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_120x60?format=gif
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame 837A 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
oba_icon.png
cdn.contentspread.net/oliro/oba/ Frame F3A2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/oliro/oba/oba_icon.png
Requested by
Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.65.99.88.clients.your-server.de
Software
nginx /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad13.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:18 GMT
Last-Modified
Fri, 05 Aug 2016 12:57:49 GMT
Server
nginx
ETag
"57a48d4d-c35"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
3125
activeview
pagead2.googlesyndication.com/pcs/ Frame 20F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFdMwnwdyl4B_cHgCgowY64qkuv1qZQwebatxSyzXA4_uIx1OQ1FRZKVOr1la6WLiXPA2jZOm8ASkTZvf4YeXpO3PV5RcgSuGxbEfThom4uMGWdpxyCA&sai=AMfl-YQCWg5aaeG3YH_jl7xgHH9mAhxHywDkdpO5Wc6Ha3CmzXFPggD7kgHNTC3Mary-ZwX68bb-jBE54SMMPmXsRqbL0QCagkcqxNPbmEKerGFFJIsH9USLhm__Y1oObh23&sig=Cg0ArKJSzPYl_y70R2PrEAE&id=ampim&o=294,507&d=728,200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=419&tls=1419&g=100&h=100&tt=1419&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=4203880072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9AA8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=1104500039895085&bg=!t7SltPDNAAba2mK92to7ACkAdvg8WpwdLQUVrnT9-fzuE3L85X1LfGS5c5MsQHScrcyHgzyYXDEsegIAAACAUgAAAAloAQcKADblEypNjh---9BT9UYDjgrwWKk6hUrnlHRi77-C6SpUX0KTLKr3e5qsgwpFcIbUjBGn1qsOs6WZAt-cLiZk2yX2IJD5YACf-EEhl1dvM95ZI97Ad6AIMtt7tzSf1mIO80YzV7QMBzCj39-1X8T46EQ7IBqEldx7H79R-Ngzwy1K5BaaA3zEMD9c2xdofAMCixIWdCBRXopw-vbuCdTpwPXZ0UkYjShAyWYRUx43e1SCg4aJF8uD_XvOKIPLv6o7pb3JNfsERanYdPwHpJP2vmO9Wc0sDW0gQM12h1KoAPsuz2MacUKwswECcSk6ziFvJXccIcHDo598vp10mJ86PJfsNBqdqE7VMAqil6f0Vo86U0qgqpHY6XxRsMb0hpGDzfzk30AY7T3-mISdWR4H6XszK36tnNjA71mtNRIVvKt8uF_otX6QMSUB9oXnG6g3rPgE1FRE4J-QVaOqIVOVYsYkaN_QCNJ2AMbVOLNpBU7SAWvIV8rz2vQI4T6BSTFUVr1XhQVznAS7EqieXcS622MWY_1ac2aIMupiWItNAFNIAo3zcs9hgV6A90ImWYJwQaonbM2FS4l4FV7OJSF6diKzAZOT0iyjGYTqdgTRIYvdDDE_dX5WagPTrQefFC9Vy16gUjNEq2nRh6THZXqvX5Tuz7IJuUu2nvY1Utd9JJ2c-y1yux_9tgKaiBgPXr1njb5VJLOsGBDw8mri9mc6GOZ06FXxR933EyFW4HVWysrzFsKZyeW-BFAiNOGD_kx_M7SeGkhy2xzH9h4eMnU-ygsbVBIvUfP18zXqk6aa-feQtS8-DCQuEM8A6CE_Ya_hpnu2Ktk6sEPqRqwCEILtB-HgV9m5PUO-S005UuE3Y-fKXdTte98G_MczMXFZdKA8BCP609nf7VEZ9pMAkyaFqD4WAC6VaYKXuLxuZeF_Q0p-ABV0lmz-YR_qzNutQmNfPlKl58SvCggPDoVqRJZ1s7sgxl6lxpEV6G6ZW-dRlQT43c5niCp4ZG7gj7GvnSDZ1oAXYFSBxqNWsD2sU4C3y_0PF2DCdC1SsLY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Visibility
brain.rvty.net/RTB/ Frame 837A 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 17 Mar 2022 23:47:19 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
collect
d.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Thu, 17 Mar 2022 23:47:19 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
activeview
pagead2.googlesyndication.com/pcs/ Frame E299 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqDseeko4IhK-Qy1g2uSjFHcaLRtydFAz_R-GX8gstphJ6q9M082dX5hxTeKcM0nkf8v4RHBzIE2YakhelJsIb&sig=Cg0ArKJSzFIdjzkU0D8dEAE&cid=CAASF-RokdWhBb-D41wsugf6JMiEvvZYMkZW&id=lidar2&mcvt=1001&p=939,1289,1189,1589&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=882885121&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647560838220&rpt=167&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 23:47:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Visibility
brain.rvty.net/RTB/ Frame 837A 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 17 Mar 2022 23:47:19 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
viewability
ad13.ad-srv.net/ Frame F3A2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.ad-srv.net/viewability?s=43017500005044800906793011902013&a=d611930b&vb=v
Requested by
Host: ad13.ad-srv.net
URL: https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad13.ad-srv.net/request_content.php?s=43017500005044800906793011902013&a=d197e19d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 23:47:19 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Visibility
brain.rvty.net/RTB/ Frame 837A 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 17 Mar 2022 23:47:20 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame 837A 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 17 Mar 2022 23:47:20 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame 837A 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 17 Mar 2022 23:47:21 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame 837A 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 17 Mar 2022 23:47:21 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame 837A 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=128293778&bannerId=195234&e=3&p=YjPIhgABWC0H_Ya3AA4qKzUWgLFm4naCDA0CqA&penc=&bp=76923&a=6233c886-0002-2b70-08bb-c04dcd0e909b&n=1&geo=-873437515&rawURL=https%3A%2F%2Fnets4.com%2Fdomain%2Fgdrfirm.com&rawReferrerURL=&uid=1c59ceaf-b058-4c1f-b081-aa255bc6fdbe&euid=CAESEL0HsBdmpVXFNJ9tBChdTKI&encn=N4IgXglgDiBcIE4DsBmArABhAGhAYwHsBXAOwBcAnATzhABEBRHEAQzLgEZcAbEgc04YAdACYMANhQAWDkinTxCESgAcuPBDI14AWRYQSAIwCmFEgAtjEALbMKEWgCEAmswDOZNsacsqpkszcbHBSCEJIIiIqHCKyaEiYqAC+QA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPnC1hsgzYq2wBbeN9u8Pq9S4wATm_qP3XO6LrIhfwI23ARABIABglYKAgJgHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDfIAQmpAu2N_Nuno7I-4AIAqAMBqgTAAk_QV6fRvH3vyhiaEE1OaSOpQVV17nsOxina-HenJRecxkmi5Go2h-B_2CeQ0ykPQf2matNVYy127tWAohpcpIvzQ0G1y9MB8vuD1amJ-yJEFDzahD6CDxi8sCDOlgoYqKl3B7j3PXH7410OV0wdU2rvqRlgKmkJJ_nsGI9noaUwdg46jcsyM2CIwfn7aLl-NmhKYNP9Ysa-Ujqp8iE_Yu8v3mk00i6nRR_t0cZKVf7X6YgVA4IYgKoD3IfLDECckJ9gUK0dTd6PYLElKhno9G7hgVx7d3GOV-j3M7QLGipL920X2n64tLpN6qRswo3BgLAvrk9sH5hRG_YCkXclxWpGNmhZbRgdTc_XBwDz_hhkkQKCN0LquelG9mxtmtpaNf5boRg_HqT4dtewb-yUu0oxcZY8VXRvi8pKYktNHII24AQBgAaXnpzDyJKHrn2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_322DE43XN4IFwcoT51-KmGENG7uA%26client%3Dca-pub-5413329544040947%26adurl%3D&gdpr=1&gdpr_consent=
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 17 Mar 2022 23:47:22 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| structuredClone object| oncontextlost object| oncontextrestored object| zarazData object| zaraz object| CloudflareApps object| __CF$cv$params object| __cfQR string| GoogleAnalyticsObject function| ga object| dataLayer function| clarity object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __cfBeacon function| $ function| jQuery object| Popper object| bootstrap object| _0x4eef function| _0xf565 boolean| _purpleadsWasLoaded object| _purpleads object| a2a_config object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init object| icons string| svg_tag_open string| svg_tag_close undefined| svg_src undefined| svg_src_default number| a2apage_init object| _0x823e function| _0x5eb8 boolean| _purpleAdsDisplayInit string| purpleadsInstanceId object| purpleadsAgent object| L function| mytextcopyFunction object| map object| marker object| popup object| _leaflet_events function| submitForm boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| color object| recaptcha object| closure_lm_275646 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

41 Cookies

Domain/Path Name / Value
.nets4.com/ Name: _ga
Value: GA1.2.1003258889.1647560836
.nets4.com/ Name: _gid
Value: GA1.2.1118825824.1647560836
.nets4.com/ Name: _gat
Value: 1
www.clarity.ms/ Name: CLID
Value: 439de54425de418fb1341497a5d4e1d6.20220317.20230317
.nets4.com/ Name: __cf_bm
Value: P_C0fFLB6QEnWbtaOwLywYvc3hml15dt4ZmpRomW_kw-1647560835-0-AYhWpFiA9+Uoqo43t2cPVoYtM52NxkziHZDWUAFewOnMFyEF53NRXO9cXdcJ3K+LZ9FZORmYsjQgHdTbxah7Xfh2+hAMwnEsI84bFnpQOeORNxcF+/kT7i8KOJLgj9lAGA==
.nets4.com/ Name: _clck
Value: bttlbh|1|ezu|0
.c.bing.com/ Name: SRM_B
Value: 065D1B68752962CF0DAF0A0274426355
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 065D1B68752962CF0DAF0A0274426355
.c.clarity.ms/ Name: ANONCHK
Value: 0
.nets4.com/ Name: _clsk
Value: 1wkld1i|1647560836437|1|1|d.clarity.ms/collect
.mgid.com/ Name: muidn
Value: m2hhw7YdmALg
.mgid.com/ Name: __cf_bm
Value: qzxa53g.4qCanPEyuvcbyVv2D2msIX4YamphnEShHvA-1647560837-0-AcYAJMImwYBsyJgRSqGaG/tORhxF3WSTao5d0Lh17dADc4H9oetCDf5C/wLtOAsqfGqoe1AxP1KjNkbNgZdOExU=
.doubleclick.net/ Name: IDE
Value: AHWqTUnop1qXCWHUDM19mda04eLdgfCTrorPHQotOVlnQu5HSMYX1s_mdd83BDfOJe4
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5693256529864568532
.adform.net/ Name: TPC
Value: 1647560837659
.doubleclick.net/ Name: DSID
Value: NO_DATA
.nets4.com/ Name: __gads
Value: ID=b1fca8d19217d8c8:T=1647560837:S=ALNI_MZEuyYm4W5H2DhShCgEcMPqbOGr_Q
brain.rvty.net/ Name: RTBUserId
Value: 1c59ceaf-b058-4c1f-b081-aa255bc6fdbe
.w55c.net/ Name: wfivefivec
Value: iMYVA4yr1NuZPU5
.w55c.net/ Name: matchgoogle
Value: 5
.casalemedia.com/ Name: CMID
Value: YjPIhs3TUtudPgKnL-Dx9wAA
.casalemedia.com/ Name: CMPS
Value: 5200
.de17a.com/ Name: guid2
Value: 1.7064822296444567405
.casalemedia.com/ Name: CMPRO
Value: 1168
.casalemedia.com/ Name: CMST
Value: YjPIhmIzyIYA
.turn.com/ Name: uid
Value: 4023051615008271746
.ad-srv.net/ Name: kdb0xdq3ls8m_uid
Value: 6fd213f8bb7e1dc2
.awin1.com/ Name: awpv14098
Value: 278235|1647560838|94d49d90-a64c-11ec-81bc-2262d3a2196d
.zenaps.com/ Name: AWSESS
Value: 377133:2470167
.awin1.com/ Name: awpv11354
Value: 278235|1647560838|94e71421-a64c-11ec-81bc-2262d3a2196d
.awin1.com/ Name: AWSESS
Value: 377133:2470167
pb.media01.eu/ Name: ASP.NET_SessionId
Value: gihs4jjila5gq2ympxe0o5ne
pb.media01.eu/ Name: DTU
Value: 327502828B682080B1873F485E666667
www.conrad.de/ Name: HTLP_timestamp
Value: 1647560838
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: eYoY6Qm5sAtjZ.ZfChl3SwcjrfDDFgLFLiiTfi.fCPA-1647560838-0-Adai/TsXA//G4HqystsPIPWg6FPjfTa85IbjjFRiO0Yp+GxKfUqLy97/Yl3v+UrrPD1mf9UG4aLjBuPlUKVi0cs=
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.zenaps.com/ Name: awpv11354
Value: 278235|1647560838|94e71421-a64c-11ec-81bc-2262d3a2196d
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 089EAA72-D47A-4F93-8762-757A8FE21EB0

4 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/032203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjPIhs3TUtudPgKnL_Dx9wAABJAAAAIB&google_push=AYg5qPKnj7Ou7NYHkMbz-Bx3bcrdQpsPKPNMqgy6VaqQrzBQ2qfTANoz3GbPZ4al-sJ3XJbUFSWX5UAOXAVQE0dayRC3sZB1yO7s&google_cver=1&google_gid=CAESEDPDm7iT1uFak7j0CtFyIJ4
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15d2721b4356df5d408ddc6afff95263.safeframe.googlesyndication.com
1e7d6532cd7194601f9fb13674778223.safeframe.googlesyndication.com
6123f6b1e2260df2001dbc1ec59d498c.safeframe.googlesyndication.com
6578c7cbbd643ec253570b8b21f7c149.safeframe.googlesyndication.com
68e54b47a04210e958fb01baedc40a87.safeframe.googlesyndication.com
a.tile.openstreetmap.org
ad-server.eu
ad.ad-srv.net
ad.turn.com
ad13.ad-srv.net
ad4m.at
adservice.google.com
adservice.google.de
api.purpleads.io
as.ad4m.at
asset.conrad.com
assets.ad4m.at
b.tile.openstreetmap.org
brain.rvty.net
c.bing.com
c.clarity.ms
c.mgid.com
c.tile.openstreetmap.org
c1.adform.net
cdn.ampproject.org
cdn.contentspread.net
cdn.purpleads.io
cdn.rvty.net
cdnjs.cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
csi.gstatic.com
d.clarity.ms
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
img.nets4.com
media.kaspersky.com
nets4.com
pagead2.googlesyndication.com
pb.media01.eu
pm.w55c.net
pv.medialead.de
r.turn.com
s-img.mgid.com
s0.2mdn.net
s0.nets4.com
s1.adform.net
securepubads.g.doubleclick.net
static.addtoany.com
static.cloudflareinsights.com
tpc.googlesyndication.com
track.adform.net
www.awin1.com
www.clarity.ms
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.zenaps.com
cm.g.doubleclick.net
104.111.239.217
104.16.18.94
104.18.126.5
104.18.47.230
104.19.134.78
104.19.136.78
104.22.71.197
104.26.11.209
116.202.48.214
13.107.21.200
13.32.99.54
142.250.184.202
142.250.184.226
142.250.185.131
142.250.185.162
142.250.185.226
142.250.185.99
142.250.186.102
142.250.186.129
142.250.186.161
142.250.186.164
145.239.193.130
151.101.130.137
151.101.2.137
151.101.66.137
172.217.16.129
172.217.16.142
172.217.31.3
172.64.156.26
178.79.242.245
18.194.22.119
185.85.15.31
188.114.96.7
192.82.242.209
2.16.186.155
213.155.156.166
216.58.212.130
3.94.45.13
37.157.2.235
37.157.4.40
40.76.174.66
40.90.65.22
46.228.164.11
52.142.114.2
54.76.176.197
78.46.23.46
88.198.250.30
88.99.65.215
89.163.211.233
89.163.211.242
002e130324d00aa25aa20fa2d9a881033632b0c754970089429de9fccf99ceb3
00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054
0246ba4e653f0b3a8594a606043c985275c5e447293fcb096b3add67fca67d6e
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cd48e24d2c40fbc60268830b3ec3d11a7a6c6203d2005835f378c8c2c68b2e8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
130ef9dad6ccde3945db1284bfb0917dc4123904a50b1d29f662ff366ff42c47
14b9f60776b750d6e9c56a249664e6ade986ce02e511da63f9df52cceccd6e18
15a725aba814e5482334099de61998b00bee38c8c24b42f34563ada600b877b0
15c9a12b774a3fd7b6193ed3bbff67e99545affb93f0127463320f977469771b
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
19c2d633b058bc1c770012984372e99f9d7e4c6c8186f05187a53fbf278f0104
1c9d3eca43d5f9f485ecbd906dd1f97e63c65d80454b80205e90359e1cccc685
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20e9059774ce4fb51f6fc6cb6a685df978a661144feb964bc86b428cef709320
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
23443ac73d1e6193f8a33c7a6162c3fb1c5b063ac7d9f00aafcdcccd940d9a58
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2af494599a7add04b0a028eda1b1638bc100ab53c37722b5d543b804d3dc6af0
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
32a97e6497cd6c3a611286892f51f127409221715c0cb3f2795f8c480bc76de4
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33f820c33074a8332f0a72349309504670818bc9f8a3f1958ba03bc0cebd5ad2
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36b76d1541f43059fdcf991474b553ea86fdc4dd43c0a5b4f66467b4707319ed
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
3b5565f9af82a9dcef28e4039f26a672bcb37c9b46432ee8f79901d520156f47
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
42d4f40591d67ed16b413ec6e8ed5ec49e4a26d3841322ea4e7c038d891f1687
4383d72fd6ad435e144ced5b6f56393eebd4c321ea168114eeb2d7fe5cb4ac3a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
50fb88e3a2d413c5c0a0294b71e0da34829b2ec9444ba55af7e1d6935a4029a3
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
529a91132e134f7c9c20383bbc6a32621e827289d3f4d6797b42968fa0ba6db1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81
5680a47c73d1d095b6efacdfc495f7a2a38f55091ed68a3a2a62a11fdce02fda
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
59d49b7aa8f1df8a56b7d4620ae2f1a9c5d8341c2f63d0fa8b09c33b74f3a0a0
5d15bc2a140397dbe6b9a06a75b0bcc2ce6a1e385aaeedd8115dfa03f59b3199
5e46c9a24b258179a1e2657d5257afe29044965606d2deb0e6d5435fac23c804
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62321eb5358cbf8b66eba26b56144c3eec1262ea6923d3e28b8ced86da0bcdb0
657cfd7f13fedd954dd516332ed9b81549bb199e080146111811e2ca7ee2d566
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68764844bd09e53056e82e9914dcec3d70f299560eeef679e2ce78b8e43230f4
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
69c052d48c498c3fb25533d8e3d16e8852b0959d705eb6219e6174ac12f665f7
69f6a4be31408bc6704d769c75693ab42eaa1922546e3f1f07d6971efdecc474
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
6c7a62e2c53ecd978b0e1f540942745faf2e11ec92b18780fe8c2f30ac0d7c9b
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
736178c7c449ff13e47d41342c7fc7374da9a7dc6f5c744b8cd9ef67ec4bd7a4
73706d5b0fa330b58b4ce7d098db061df4fd43eb9ff7a2961666059016f540f6
78e337650847b61cc315a30f739483508ee400d63b10dae7ad8423dc8d25a092
794ee14dd1db8efdba58a0b36251f57ea388d10afbea1b33bed23f450d6caa45
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
831638ff326e9da0d644ed8c84a9bd16237c810cd7d6d82a461ff767bcff4dcb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855e67867dbe5c7aa77b3dcfd6f514853103c73a3d7c5e407456581d2a15fc0a
878632016def33489e208a16bff0c9133546ca3582fc3629bd40b224b3800240
8b307a25384952e1557d5a2c4cc136a70fac0115abfb74977aa1c166d3098b56
8df2471e70ec25df07eec963b45c31d8da788e8695af2ef2ec9c6208d518c1c6
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91f027887307865b67fca7f39a5a7c3bb9606576dd5a874809baf21bd3fb5400
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c3bb6ca05861635fa2d84e489a2f20ea6f7fd4854b4b2aad2fbd17efed8ce6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1df2f41c62ee23a01cd0fc33c0394507d195df6f06231975348005abfa4c3df
a2abcde87c812822c1d61a1f153960d7e7394cb98577b4afbcf6c078214b34c9
a38325612f5fdaaa4dd5ca534a1d5afbf7323ad5c6f3fbca0e9ef247495cc2e2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a747c61c2762926db3f5fb6b9018e2da640cad4f7bbb89aab50ec1632c9aeb78
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
b02392de3c75234a90f71cafd02963eb202d8ce252e266b09933feaceb636d41
b5815d21981d5959835dc06be6b58df4f3bd7189652093d08bbdaddc40a5c00d
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bd3cedcd8ba11bc1819253dc1229bf5c0cbd7ace95a566d4d70958dfb5ce7f87
be5ea5d0875e91d34fe8909fb7fa4462cc65a081d0af724a7f37dc8a11b6506e
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
ca9d8502359d5141e4b26d68d65092f1f974f057cc4f194f1dc1ddaf507bb475
caedde1e9c3337a0db41760cac318f03b2f620cc86f958f3b7051693e6d8427e
cb04b2db485641ae128456f8d68f248f797b624e9803f32884fe1f3b7f1d5beb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d023be4abb6819a1ea6b454234480dc80a563e7757a0e4c69b8ee2130cb982a2
d05a01f1f832a89a1419f229f0ab3c8f8ae8b791f1b24f973bfb3800ae5efec8
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1e8b86755b94e3d65d8411538bc4415ab4be5c76a40aee11856fd0585ea4247
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d81da1c2333ea18b9649d21dd0dbb2a09141d43d18ef3e2eea1157f3e56d6277
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d97b44cbd5f371d1b1627c3ca414f9c1bd49e74294fc4407fc81f2176851c67a
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
df50938ddefef776a122e59861ac743a707c6731b18a6596df3f231b689cde45
e25d424553c86f8d4f17b9d8392b5913fb65b858197ea5c30508c3a3acb5d394
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e415d9d0616f890ca610ffb19dc36d88549176edf8d00da5540e8670488bc013
e56cacd4127c6cc1b7b3cec4f7c4dc2f00c7516ab134b891d5869a7b8f8e3c2a
e9dce55c3680655b291f228f6920d2d475a83f0d33dcd875e8ea0f641b37e935
ec0f7b818a546afa5cf7b53e72770a9a0c92cde352f2c2c9a9b7dc5026e05705
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc1d175cc0e9cd59e2c920419df165549a34e9e9bbd1eb5b9002567f05c8444
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc
f412a8a3886bdd1eb0ef84f81f3dc05c74ee0a25db828f09824bee7f370a7bb3
f4eb55c4e5fa4a98232581c0bd2aba039df9d418239ef87489d3af0388d19c55
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7a33be62eabe69ec7d77aa91e512c1ef89ebc7c81db2aedb7ab6c9b64f8f58c
fa1b008b1dd2d79071ba901605ab896b6c2ff94364fa1a63da08f2ac6ce78c76
fcbcd40c79f2c9aa3fb843277da99901250576e1f0f62d656ff15bb37ddeefec
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd69041cd34fd4720f2c8b5537d10bc66a2f9c2400bd1ced969eb47b84827f88
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e