www.kriptobi.com Open in urlscan Pro
176.53.35.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kriptobi.com/
Effective URL:
https://www.kriptobi.com/
Submission: On April 15 via api (April 15th 2023, 12:46:47 pm UTC) from US — Scanned from DE

Summary HTTP 197 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 31 IPs in 10 countries across 31 domains to perform 197 HTTP transactions. The main IP is 176.53.35.152, located in Turkey and belongs to RADORE, TR. The main domain is www.kriptobi.com.
TLS certificate: Issued by R3 on February 16th 2023. Valid for: 3 months.

This is the only time www.kriptobi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 34	176.53.35.152 176.53.35.152	42926 (RADORE) (RADORE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 32	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
3 24	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	52.29.82.113 52.29.82.113	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:ea30:652:4665:4067	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:a62a:a2db:d81b:4039	16509 (AMAZON-02) (AMAZON-02)
3 4	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.242.190.194 34.242.190.194	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2600:9000:212... 2600:9000:2127:9600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7781:274e:86ad:6bbc:9169	16509 (AMAZON-02) (AMAZON-02)
197	31

34 176.53.35.152 (Turkey) 2 redirects

ASN42926 (RADORE, TR)
PTR: 1527qmof7.guzel.net.tr

kriptobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kriptobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.239 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.82.113 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-82-113.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:ea30:652:4665:4067 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:a62a:a2db:d81b:4039 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.83.142.19 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.190.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-190-194.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:9600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7781:274e:86ad:6bbc:9169 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138	558 KB
38	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 220 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 333	213 KB
34	kriptobi.com 2 redirects kriptobi.com www.kriptobi.com	2 MB
19	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com	313 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 294	117 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 775 static.adsafeprotected.com — Cisco Umbrella Rank: 608 dt.adsafeprotected.com — Cisco Umbrella Rank: 541	168 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	5 KB
5	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 458 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 553	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	244 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 227	4 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 585	2 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 779 s.tribalfusion.com — Cisco Umbrella Rank: 1904	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9047	818 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2400	20 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 758	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 314	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6107	914 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 773	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4908	653 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	133 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 351	461 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1516	586 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2677	104 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1738	298 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 449	717 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 654	98 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 778	339 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1326	350 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 627	546 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 925	603 B
197	31

	Domain	Requested by
32	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net www.kriptobi.com tpc.googlesyndication.com pagead2.googlesyndication.com
32	www.kriptobi.com	www.kriptobi.com
26	pagead2.googlesyndication.com	www.kriptobi.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
22	cm.g.doubleclick.net	3 redirects www.kriptobi.com googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	s0.2mdn.net	www.kriptobi.com s0.2mdn.net googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	www.kriptobi.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	googleads4.g.doubleclick.net	www.kriptobi.com
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects www.kriptobi.com
2	image6.pubmatic.com	2 redirects
2	x.bidswitch.net	2 redirects
2	ads.travelaudience.com	2 redirects
2	um.simpli.fi	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	d5p.de17a.com	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.kriptobi.com www.googletagmanager.com
2	kriptobi.com	2 redirects
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	www.kriptobi.com
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
197	46

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
kriptobi.com R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-09` - `2023-12-03`	10 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.kriptobi.com/
Frame ID: 08C87A46FDD0DF21F5B5B4894EBA06FE
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: 7ACD011D056BAF09AE07E57023B5A141
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&adk=1812271804&adf=3025194257&lmt=1681562802&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.kriptobi.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562801801&bpp=10&bdt=940&idt=209&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8159805992336&frm=20&pv=2&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=274
Frame ID: 50E3655250A12B26B46EEAC98F88B0E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562801811&bpp=1&bdt=950&idt=269&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FYtmmPYXMC&p=https%3A//www.kriptobi.com&dtd=272
Frame ID: C66C328CD426C1CA0F5899FE27DEA95D
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9
Frame ID: 134BDD3D790DD5660D22A086688A97C0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=863612641&adf=2400033493&pi=t.aa~a.337950186~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JFZ435zsOW&p=https%3A//www.kriptobi.com&dtd=14
Frame ID: CF9C68EAF040702063C668D16A6CBEB7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Frame ID: 7CF7DA08DEE46C1C6BE0718B77B2F1BC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2889D8A5EBCA9FC908425157B577B292
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6F59E07DC97C6E254F8C92D1C2DF2F32
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4C9759EEB543EF29CE70F7DB2624E921
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
Frame ID: 16833452E3247E54329E6C0E1691C863
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1E9DFDCDE9850C715DA2D18CA4CD3946
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
Frame ID: 6C7A293C9FB0012275B66A0AB3F54DF6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 39E99CF3C4D6B0E14105569C6E3543AE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
Frame ID: 3F2BEF6264353E98942525F12ADAA9FB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
Frame ID: BC0D4C8260A05C71BBD963E367396ECE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/error_handler.js
Frame ID: C612B835873E046A398047F55AF9EB9C
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUBGUxlclhe433hdT1_MgL3IHiJ-2HmDqeAXIDAxRoVIm4ptM8NdaXkCWkHgMeCfOO8PZX937EkrKNFF2EgfP1fXqOcyYaWQgw0gwtVkTNF2aEuGOKJtkRhcgEv-rzAKZloc1HVhQ8vjryheSaO2HPiDn-IZUkPs_VhG6vE3ffFL-Amo-g
Frame ID: CF982F11764291E30E8CE780CCD05F4A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 69F813070BF671BDC9E53D7E17E4BF13
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8403B37B0F1A274DA0AF21C1357B9B0D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2C89D4F9B8FD49ECE5A17BA443F2299E
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
Frame ID: 3A40379A21CA2C0C01D81EC9928E5D05
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12F09B52EF40EFD90646A95B6044CFC4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CCE370AF76B34F74DAF039CFF4968DA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anasayfa - Kriptobi

Page URL History Show full URLs

http://kriptobi.com/ HTTP 301
https://kriptobi.com/ HTTP 301
https://www.kriptobi.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

197
Requests

89 %
HTTPS

59 %
IPv6

31
Domains

46
Subdomains

31
IPs

10
Countries

3499 kB
Transfer

7614 kB
Size

30
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/kriptobi

Search URL Search Domain Scan URL

URL: http://www.twitter.com/kriptobi

Search URL Search Domain Scan URL

URL: http://www.instagram.com/kriptobi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kriptobi
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/kriptobi/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kriptobi/
Title: İnstagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kriptobi.com/ HTTP 301
https://kriptobi.com/ HTTP 301
https://www.kriptobi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 75

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODc3uLeQBCrBxjsATIIdK-thvyL5fY HTTP 301
https://tpc.googlesyndication.com/simgad/2178660640738150884

Request Chain 105

https://a.tribalfusion.com/i.match?p=b6&u=CAESEP47LS7VXakGog1iH2eZicM&google_cver=1&google_push=Aer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJHkCF0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJHkCF0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP47LS7VXakGog1iH2eZicM&google_cver=1&google_push=Aer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJHkCF0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJHkCF0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 106

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFmyUofCu6vREmEWH7jEU3w&google_cver=1&google_push=Aer7DvJwV1LbNX0WgXztAlABPw1IFUT9CTk2kEqFCPhJyzXX_YPdlxmNFahWEgPT2HO3bTGUYqJXNvWyMX_5VGc8amaFGufbcUHUuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFmyUofCu6vREmEWH7jEU3w&google_push=Aer7DvJwV1LbNX0WgXztAlABPw1IFUT9CTk2kEqFCPhJyzXX_YPdlxmNFahWEgPT2HO3bTGUYqJXNvWyMX_5VGc8amaFGufbcUHUuA

Request Chain 107

https://d5p.de17a.com/cookies/google?google_gid=CAESEOCkRQIIT8Wd7pBXgEoRCdw&google_cver=1&google_push=Aer7DvKsTRBrZxRL7ssZEY-P7NEvXRVO6yKHrgFxH8nEU3bnqrsDMaKyPXd_899r2XRZywHWCE9vnckK333bd0Zk3bLc6o4_vZNyU9s HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOCkRQIIT8Wd7pBXgEoRCdw&google_cver=1&google_push=Aer7DvKsTRBrZxRL7ssZEY-P7NEvXRVO6yKHrgFxH8nEU3bnqrsDMaKyPXd_899r2XRZywHWCE9vnckK333bd0Zk3bLc6o4_vZNyU9s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKsTRBrZxRL7ssZEY-P7NEvXRVO6yKHrgFxH8nEU3bnqrsDMaKyPXd_899r2XRZywHWCE9vnckK333bd0Zk3bLc6o4_vZNyU9s

Request Chain 108

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAIFnUqnJaQ1y9ri8rBwvAw&google_cver=1&google_push=Aer7DvLyipaZF3JnYF1vybcnYqlNA8q8RsnSKei2DEuFvJQ9CP-HJPCkK2cOt5vIGKW4cN_3TfzK82H8baYKvDu7yGLK26aMi9KYIBM HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAIFnUqnJaQ1y9ri8rBwvAw&google_cver=1&google_push=Aer7DvLyipaZF3JnYF1vybcnYqlNA8q8RsnSKei2DEuFvJQ9CP-HJPCkK2cOt5vIGKW4cN_3TfzK82H8baYKvDu7yGLK26aMi9KYIBM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgyOTQ1MjMwNjE5NzI1MzAy&google_push=Aer7DvLyipaZF3JnYF1vybcnYqlNA8q8RsnSKei2DEuFvJQ9CP-HJPCkK2cOt5vIGKW4cN_3TfzK82H8baYKvDu7yGLK26aMi9KYIBM

Request Chain 110

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENCTbaWN6sKh961ZjLgEr3U&google_cver=1&google_push=Aer7DvLkg542K39KNyIguF5HbbxVVcsm7HCyLiHqsf48Ex4XbRa4BZdt6ekfZxOPQiI0ym33hZZ24qIHNADg14VScUTcoKp6D78n_U0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENCTbaWN6sKh961ZjLgEr3U&google_push=Aer7DvLkg542K39KNyIguF5HbbxVVcsm7HCyLiHqsf48Ex4XbRa4BZdt6ekfZxOPQiI0ym33hZZ24qIHNADg14VScUTcoKp6D78n_U0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENCTbaWN6sKh961ZjLgEr3U&google_hm=ZDqcs6Z98k_7hQ5MLlOc0wAAFHIAAAAB&google_nid=index&google_push=Aer7DvLkg542K39KNyIguF5HbbxVVcsm7HCyLiHqsf48Ex4XbRa4BZdt6ekfZxOPQiI0ym33hZZ24qIHNADg14VScUTcoKp6D78n_U0

Request Chain 111

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAx_mERq5QSq7bgb_1cPXFc&google_cver=1&google_push=Aer7DvJoFVeXasPkkZnX2fa4_oqdRs8vSS-un8p5G5eylUhZOIhkhr8k5VaMqU8DErU5fPhlGj5WCZE_Zj1dS3jUD8uqjFJJa_ALqPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJoFVeXasPkkZnX2fa4_oqdRs8vSS-un8p5G5eylUhZOIhkhr8k5VaMqU8DErU5fPhlGj5WCZE_Zj1dS3jUD8uqjFJJa_ALqPA

Request Chain 119

https://um.simpli.fi/gp_match?google_gid=CAESEMNsGXAXmORexdFuIAddjxY&google_cver=1&google_push=Aer7DvI2tY1-zgAWkaApW2JzFblbStySzvU6B_w2SOFC_6Lmo4BfcoZSS3t3Dp2Po79FUgAPTP9INz-lYEu-OQen7L9iNoRi0hW6Qo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEB577C4245949E2B9B47531E82211A6&google_push=Aer7DvI2tY1-zgAWkaApW2JzFblbStySzvU6B_w2SOFC_6Lmo4BfcoZSS3t3Dp2Po79FUgAPTP9INz-lYEu-OQen7L9iNoRi0hW6Qo4

Request Chain 121

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMSYwplsksRVxvkEW_DqnLA&google_cver=1&google_push=Aer7DvKgmy6X1ctH6EAtnRrLKHLfHXZGmygK8B62tEGkxJ81kLxG2gurwPSy0wNDlNT0EwbD8-1cG2OreVKp6M6JxyW39_sv7HzQ3gQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aFR-07HYT8m1ZSG2SvtG8A2&google_push=Aer7DvKgmy6X1ctH6EAtnRrLKHLfHXZGmygK8B62tEGkxJ81kLxG2gurwPSy0wNDlNT0EwbD8-1cG2OreVKp6M6JxyW39_sv7HzQ3gQ

Request Chain 122

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL6u1F37krF4qB0kG893HRA&google_cver=1&google_push=Aer7DvKysM476Ek6Y6fnsBsWv9FUf8l96Ry2pvA2xOC9_e3bnghRYL6tL4axRc0kOQiwEQBFvqByCNzvfoPDJf4AvsCdJaZZYA_IDPA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL6u1F37krF4qB0kG893HRA&google_cver=1&google_push=Aer7DvKysM476Ek6Y6fnsBsWv9FUf8l96Ry2pvA2xOC9_e3bnghRYL6tL4axRc0kOQiwEQBFvqByCNzvfoPDJf4AvsCdJaZZYA_IDPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKysM476Ek6Y6fnsBsWv9FUf8l96Ry2pvA2xOC9_e3bnghRYL6tL4axRc0kOQiwEQBFvqByCNzvfoPDJf4AvsCdJaZZYA_IDPA&google_hm=4BWJeI8PQX6Ha27LV0jFTQ==

Request Chain 123

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI5cFDACvB2mrriddZ-ezME&google_cver=1&google_push=Aer7DvJGpjYNsLhg2FGjezWQ450OzaVwwp9s4FHF9zSwxHO3tPOu6Qa8fimpnVM6WQO2EMf0vXMhzne2vlDgUumanEXD8FdB4uNLBTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJGpjYNsLhg2FGjezWQ450OzaVwwp9s4FHF9zSwxHO3tPOu6Qa8fimpnVM6WQO2EMf0vXMhzne2vlDgUumanEXD8FdB4uNLBTM&google_hm=eS1DY0FLM3IxRTJwRUdxTzZDbjk3VTUzSk9NbTNkZDZ5QX5B

Request Chain 124

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHVCE3dq_bg82TjSdzayCZY&google_cver=1&google_push=Aer7DvIPQE5xMsmey_NicbH7EmwCXQhPMoODpE_cxdJVXSdyMG_81ppJJQ8tfIMRRymPJXZ4HyIFFNjJyPJxhg_kQNrf1BtO15dOHGM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHVCE3dq_bg82TjSdzayCZY&google_cver=1&google_push=Aer7DvIPQE5xMsmey_NicbH7EmwCXQhPMoODpE_cxdJVXSdyMG_81ppJJQ8tfIMRRymPJXZ4HyIFFNjJyPJxhg_kQNrf1BtO15dOHGM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KEBB4esURLiyGHjeTz-1Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIPQE5xMsmey_NicbH7EmwCXQhPMoODpE_cxdJVXSdyMG_81ppJJQ8tfIMRRymPJXZ4HyIFFNjJyPJxhg_kQNrf1BtO15dOHGM

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO9-rBuWaoOxf0_1JO_f9BA&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDqcs6Z98k-7hQ5MLlOc0wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO9-rBuWaoOxf0_1JO_f9BA&google_cver=1

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOnZ9dZeFyJOd5HzYfCYRCM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOnZ9dZeFyJOd5HzYfCYRCM%26google_cver%3D1

Request Chain 142

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUyMjg3NzE0NDU0ODkwOTMwNg%3D%3D

Request Chain 155

https://um.simpli.fi/gp_match?google_gid=CAESEFbsk1JNl-d_ZSRKHysrWWk&google_cver=1&google_push=Aer7DvKL-e-XATypP0yQt9AIIPogAxTwujLvaKY2UdOHUwqVG79nGUuuaWQQFLAIYGuxVyv09T2JOjjkNtM2h8p7G6uyH9eNv4op HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEB577C4245949E2B9B47531E82211A6&google_push=Aer7DvKL-e-XATypP0yQt9AIIPogAxTwujLvaKY2UdOHUwqVG79nGUuuaWQQFLAIYGuxVyv09T2JOjjkNtM2h8p7G6uyH9eNv4op

Request Chain 156

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOWnFcGNZzVKFiboUgL0Wwg&google_cver=1&google_push=Aer7DvJ0RZkcYFr20rnraW6YVuIOU9Rp0glBUe4I7djx-WL63g1FgIWo8lHuw0q6rtwLMjVWLw_MpiJ9ykPt7AoPb9wxT_DuVdqzog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjI1NzI0OTM1NDkwNTc0MA%3D%3D&google_push=Aer7DvJ0RZkcYFr20rnraW6YVuIOU9Rp0glBUe4I7djx-WL63g1FgIWo8lHuw0q6rtwLMjVWLw_MpiJ9ykPt7AoPb9wxT_DuVdqzog

Request Chain 157

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJbRrQkdKt7pYLS40mLC-KE&google_cver=1&google_push=Aer7DvJkz7NFH12U1IzBFSOgG30VNppmkA9yGqCY7PwGuWFGCZOB6XXp08NWhMDsVV-Zrf7m8aov0piOYQr5fB1PqiRM2TsVct4Cew HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aFR-07HYT8m1ZSG2SvtG8A2&google_push=Aer7DvJkz7NFH12U1IzBFSOgG30VNppmkA9yGqCY7PwGuWFGCZOB6XXp08NWhMDsVV-Zrf7m8aov0piOYQr5fB1PqiRM2TsVct4Cew

Request Chain 158

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPwyrAZ-10GS9_QW20_F0G8&google_cver=1&google_push=Aer7DvLB7o0QzTk9AbKF7nC_w4SpCMfpIth-se2MbJJ91fKHJrGXWtZgnThv6t4d2dxcXgDKQFtnQJms2lnNKPXHto0m1b3SyGikLw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgyOTQ1MjMwNjE5NzI1MzAy&google_push=Aer7DvLB7o0QzTk9AbKF7nC_w4SpCMfpIth-se2MbJJ91fKHJrGXWtZgnThv6t4d2dxcXgDKQFtnQJms2lnNKPXHto0m1b3SyGikLw

Request Chain 159

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELqHN1KqAdnsR7shYHG0bJ4&google_cver=1&google_push=Aer7DvJ05PBLNiKdNNzLZ8XfKwMa1Er7eSpfrBc3y1VBvSfKFkCscrc4VaLwA8SAHewibxsvOXMM_Xtha2P9Sp8WIJ_8ncTbvfVN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdIWjJSTVMtMjUtMVFHNQ==&google_push=Aer7DvJ05PBLNiKdNNzLZ8XfKwMa1Er7eSpfrBc3y1VBvSfKFkCscrc4VaLwA8SAHewibxsvOXMM_Xtha2P9Sp8WIJ_8ncTbvfVN

Request Chain 164

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1313850263284619&ias_chanId=1&ias_placementId=19429527826&bidurl=https://www.kriptobi.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLGwIEv8kucokqnZfJBBYX&adContainerId=brand_safety_s5w6ZIK8N_-Ax_APgPaZoA8&cbFunctionName=goog_wrapCb_s5w6ZIK8N_-Ax_APgPaZoA8&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.kriptobi.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.kriptobi.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1313850263284619%26output%3Dhtml%26h%3D280%26adk%3D808466392%26adf%3D1649704010%26pi%3Dt.aa~a.3111939286~rp.2%26w%3D450%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1681562802%26rafmt%3D1%26to%3Dqs%26pwprc%3D3557328243%26format%3D450x280%26url%3Dhttps%253A%252F%252Fwww.kriptobi.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1681562802766%26bpp%3D1%26bdt%3D1906%26idt%3D1%26shv%3Dr20230412%26mjsv%3Dm202304110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dd22aafe81fb0a66c-2299a61291dd005d%253AT%253D1681562802%253ART%253D1681562802%253AS%253DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q%26gpic%3DUID%253D00000bd6804a9a1d%253AT%253D1681562802%253ART%253D1681562802%253AS%253DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A%26prev_fmts%3D0x0%252C1200x280%252C1200x280%252C1200x280%26nras%3D5%26correlator%3D8159805992336%26frm%3D20%26pv%3D1%26ga_vid%3D1132074045.1681562802%26ga_sid%3D1681562802%26ga_hid%3D601787302%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1059%26ady%3D3875%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44759876%252C42532185%252C44759842%252C42532089%252C31073806%252C44788442%252C21065724%26oid%3D2%26pvsid%3D240041507209864%26tmod%3D1622832237%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DqOOucpAufo%26p%3Dhttps%253A%2F%2Fwww.kriptobi.com%26dtd%3D21&adsafe_type=bed&adsafe_jsinfo=,id:3228ae73-e750-ea8e-6a39-a8fa96512430,c:9RdGPP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-gp8vs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tBv49OW+11%7C12%7C131%7C141%7C142%7C151%7C152%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C1711%7C1712,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:20,oid:9392299a-db8b-11ed-9256-3265cfa1cbcb,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

197 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kriptobi.com/
Redirect Chain

http://kriptobi.com/
https://kriptobi.com/
https://www.kriptobi.com/

115 KB
21 KB

165ms
89ms

Document
text/html

176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 5b6a8b709c60b154c6d0cda4252bf7a595d062f3355fa730e7d3c70bd2901efd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 20795
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 12:46:38 GMT
etag: "30183-1681547080;br"
link: <https://www.kriptobi.com/wp-json/>; rel="https://api.w.org/" <https://www.kriptobi.com/wp-json/wp/v2/pages/363>; rel="alternate"; type="application/json" <https://www.kriptobi.com/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit
x-powered-by: PHP/7.3.33

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 12:46:38 GMT
location: https://www.kriptobi.com/
server: LiteSpeed
x-litespeed-cache: miss
x-powered-by: PHP/7.3.33
x-redirect-by: WordPress

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 71ms
31ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90602782-3

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15ab541fac7b5f133143d54d212bb6cc2727b5aa62439073d9a712228758d0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61602
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Apr 2023 12:46:40 GMT

GET
H2 200 57b439a5d8a47d8f7f3271f3d0f2dc10.css
www.kriptobi.com/wp-content/litespeed/css/ 1 MB
160 KB 57ms
54ms Stylesheet
text/css 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/css/57b439a5d8a47d8f7f3271f3d0f2dc10.css?ver=34cf2
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 4465bf082ee3b60a8bb23aa6cd79239f51fb18fad2f3c2f363a05779d08b7580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 07:11:43 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 163357
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 66ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A+400%2C500%7CWork%2BSans%3A+400%2C500%2C600%2C700%2C800&ver=1.0.0

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 12:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 12:46:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 12:46:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
785 B 74ms
33ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&display=swap&ver=1612293687

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

592dbb3c4e19c00a8b8b60ac28aaa2dacaab14c605c2deb1a9c10e13a434692d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 12:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 12:46:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 12:46:40 GMT

GET
H2 200 jquery.min.js Show response
www.kriptobi.com/wp-includes/js/jquery/ 88 KB
30 KB 101ms
98ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sun, 12 Mar 2023 11:58:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30324
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 9492683e4e1127a39dc39d2378419610.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 11 KB
4 KB 103ms
100ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/9492683e4e1127a39dc39d2378419610.js?ver=35e16
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 5651b43b4e8e488d108feb52c447449fb94668c833bc8099951ffa55e0d7e9a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:37:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 587ms
77ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1313850263284619

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26e2631bbb158bd94d0590b31eec0ee3a5f91dab6dd34d2b09047aa9d4ba44d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kriptobi.com/
Origin: https://www.kriptobi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48064
x-xss-protection: 0
server: cafe
etag: 15263139708391577017
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:41 GMT

GET
H2 200 6a80f660ea2402932869c67d4b19a8f0.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 15 KB
6 KB 102ms
100ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/6a80f660ea2402932869c67d4b19a8f0.js?ver=2b364
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: def87dd899d0b7d84e3c03791b5dfa37de610b5d7ff11e3a2e384e2d90be03db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:37:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5764
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 c4f2be6cee1f72850fb2cc6440e52c40.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 48 KB
12 KB 101ms
99ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/c4f2be6cee1f72850fb2cc6440e52c40.js?ver=b9dd9
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: a3d5cab2ebdaf153284d3f3d4b07a37ee6f3afc3df0059ec5af4a5e0503ccf15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:37:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12515
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 f263104f74716b58dd691daff1746e43.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 42 KB
10 KB 102ms
99ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/f263104f74716b58dd691daff1746e43.js?ver=afed7
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: e59afc7f698704f985003a9ddc0688492491870dcfe7d9bf41d41ef6bdd39bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:37:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10593
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 6dd16dc3ba179f35c2ce7e60a2614918.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 41 KB
9 KB 101ms
99ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/6dd16dc3ba179f35c2ce7e60a2614918.js?ver=0b4dd
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 2ffc81a66c376b42675c1b89737812ce8991df856ddbe9e59f9e745e44754c0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:37:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9646
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 d65af5f3bae1a6819237ba5ce62461d1.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 8 KB
2 KB 101ms
99ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/d65af5f3bae1a6819237ba5ce62461d1.js?ver=84a2e
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 516335347b99da976cd0671241768cf73c1b23357189a48bd350d2dc0ebdc029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:37:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2319
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 6fd96af1bdfb72374288f541e0bf67dc.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 943 B
441 B 101ms
99ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/6fd96af1bdfb72374288f541e0bf67dc.js?ver=034b7
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 1fcb0e18366ca0b4e62cd6f7297bcad640be8a77c287b4df1091cbc81bce3248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:37:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 408
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 3c2cfb2044077f742e449d95a431c745.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 1 KB
530 B 102ms
100ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/3c2cfb2044077f742e449d95a431c745.js?ver=9d87f
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: bbb9de48d3529199f5aab2fa15c0ac61cb2f4790f8d921fe6e215aece7bebccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:37:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 497
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 1d9dea16864c85cf9367b3f5149afd01.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 5 KB
2 KB 188ms
186ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/1d9dea16864c85cf9367b3f5149afd01.js?ver=5743b
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: c6d5a53ef2baaff57ed64a780b95eb52364d785780e63c87803a4eab54b5ebd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:46:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 7912812397aa539f52b561ce3c92fedc.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 34 KB
10 KB 190ms
188ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/7912812397aa539f52b561ce3c92fedc.js?ver=3ea0f
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 1e12a7bc146f528a7b78318928877040671a8f4135d9f132b07174c3278e6021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:46:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 339fb528bafd22af1ff9688689147309.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 1 KB
664 B 189ms
187ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/339fb528bafd22af1ff9688689147309.js?ver=fe8c5
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 015c66593c8d3c2732a7eb33a0fdb0ba6cbf6d0aa71bbf3e839285b51573b7a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:46:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 be3ff1c031ea14716b26875fbe522af0.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 20 KB
7 KB 189ms
188ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/be3ff1c031ea14716b26875fbe522af0.js?ver=93099
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 347dfcb13df666d68a6ebcc1d6e2752f4246787423c2d5d66cabc649bbf34fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:46:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 ad440b744174f42a09908254c2935ae8.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 15 KB
4 KB 189ms
187ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/ad440b744174f42a09908254c2935ae8.js?ver=c5777
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 8b49d9f41d96eb1f02b2bc5bc6d727b99eecaf1c74160eb1447019f7772dd28b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 12:46:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 378967bd3732a3d4a0195e4117f70689.js Show response
www.kriptobi.com/wp-content/litespeed/js/ 20 KB
5 KB 188ms
186ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/litespeed/js/378967bd3732a3d4a0195e4117f70689.js?ver=cbf64
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 1f8d60140a00561564748525ee1cbf3f7d7b87e7db087c57d73b660684837c03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:38 GMT
content-encoding: br
last-modified: Sat, 15 Apr 2023 08:30:23 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5524
expires: Sat, 22 Apr 2023 12:46:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 459ms
458ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4EGCEX1B42&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90602782-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8f98d806d4aee9ca562a78a1199e338cb6808a2121082e89579f89a32ea9925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Apr 2023 12:46:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 508ms
18ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90602782-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 12:35:42 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 659
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 15 Apr 2023 14:35:42 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.kriptobi.com/wp-includes/js/ 18 KB
5 KB 456ms
456ms Script
application/javascript 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:39 GMT
content-encoding: br
last-modified: Sun, 12 Mar 2023 11:58:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4619
expires: Sat, 22 Apr 2023 12:46:39 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 4UaOrEtFpBISc36j.woff2
fonts.gstatic.com/s/exo/v20/ 20 KB
20 KB 494ms
18ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&display=swap&ver=1612293687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e9d07ebb7ea3f8e5c5568fa3b4e81d5b93aacfd93cc05192a30c0438039d349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kriptobi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:08:13 GMT
x-content-type-options: nosniff
age: 351508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20364
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:24:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:08:13 GMT

GET
H2 200 fontawesome-webfont.woff2
www.kriptobi.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/ 75 KB
75 KB 481ms
480ms Font
font/woff2 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/wp-content/litespeed/css/57b439a5d8a47d8f7f3271f3d0f2dc10.css?ver=34cf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.kriptobi.com/wp-content/litespeed/css/57b439a5d8a47d8f7f3271f3d0f2dc10.css?ver=34cf2
Origin: https://www.kriptobi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:39 GMT
last-modified: Sat, 12 Oct 2019 17:51:11 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Sat, 22 Apr 2023 12:46:39 GMT

GET
H2 200 4UaOrEtFpBISfX6jyDM.woff2
fonts.gstatic.com/s/exo/v20/ 18 KB
18 KB 502ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISfX6jyDM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e55e201b09b0526287ff78cd7292d70f137ebaea73cd6e46648ef24f56bd1150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kriptobi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:57:19 GMT
x-content-type-options: nosniff
age: 352162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18048
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:29:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:57:19 GMT

GET
H2 200 4UaMrEtFpBISdk6h0Dc.woff2
fonts.gstatic.com/s/exo/v20/ 22 KB
22 KB 511ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaMrEtFpBISdk6h0Dc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1828b1e1234a828c768d1b455b413687aa8c430195f96918a176c6396f1f153b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kriptobi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:09:55 GMT
x-content-type-options: nosniff
age: 351406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22336
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:09:55 GMT

GET
H2 200 Flaticon.woff
www.kriptobi.com/wp-content/themes/darpan/assets/fonts/ 20 KB
20 KB 479ms
479ms Font
font/woff 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kriptobi.com/wp-content/themes/darpan/assets/fonts/Flaticon.woff
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/wp-content/litespeed/css/57b439a5d8a47d8f7f3271f3d0f2dc10.css?ver=34cf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: d86b9cf8881fe68962ffd7ea6f9ae82a35ddc389537707756e3fbabf0e63e11f

Request headers

Referer: https://www.kriptobi.com/wp-content/litespeed/css/57b439a5d8a47d8f7f3271f3d0f2dc10.css?ver=34cf2
Origin: https://www.kriptobi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:39 GMT
last-modified: Sat, 12 Oct 2019 17:48:36 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20368
expires: Sat, 22 Apr 2023 12:46:39 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 77ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4EGCEX1B42&gtm=45je34c0&_p=601787302&cid=1132074045.1681562802&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1681562801&sct=1&seg=0&dl=https%3A%2F%2Fwww.kriptobi.com%2F&dt=Anasayfa%20-%20Kriptobi&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4EGCEX1B42&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kriptobi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 25ms
24ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=601787302&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kriptobi.com%2F&ul=en-us&de=UTF-8&dt=Anasayfa%20-%20Kriptobi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1329282814&gjid=546525944&cid=1132074045.1681562802&tid=UA-90602782-3&_gid=463766507.1681562802&_r=1&gtm=457e34c0&jsscut=1&z=553659966

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kriptobi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kriptobi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/ 345 KB
116 KB 113ms
81ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1313850263284619&plah=www.kriptobi.com&bust=31073806

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1313850263284619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2af5b88d4bf91f911cd8ea751af807706291a5cdfe77bf59fddf04f24730f6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118240
x-xss-protection: 0
server: cafe
etag: 4234906918801484116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame 7ACD 10 KB
5 KB 73ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1313850263284619

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kriptobi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:43:26 GMT
etag: 2378337311435320485
expires: Sat, 29 Apr 2023 12:43:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
603 B 150ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.kriptobi.com&callback=_gfp_s_&client=ca-pub-1313850263284619

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1313850263284619&plah=www.kriptobi.com&bust=31073806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9753126aa21b163fdbf22b8ad6ef16dec23a20b6e608a6ab829030111568cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 139ms
23ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kriptobi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 137ms
22ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kriptobi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50E3 185 KB
48 KB 562ms
559ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&adk=1812271804&adf=3025194257&lmt=1681562802&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.kriptobi.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562801801&bpp=10&bdt=940&idt=209&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8159805992336&frm=20&pv=2&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2841a39abb72b74688d300d9c4f6d5beebfe4d6f6f038a879d3aab19700d314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kriptobi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48458
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:46:42 GMT
expires: Sat, 15 Apr 2023 12:46:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C66C 119 KB
36 KB 1143ms
1140ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562801811&bpp=1&bdt=950&idt=269&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FYtmmPYXMC&p=https%3A//www.kriptobi.com&dtd=272

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a6b8e3c479471370076b3dca3c77e4712d53ba5069fde9689b375f8a6f1df7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kriptobi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36734
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:46:43 GMT
expires: Sat, 15 Apr 2023 12:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/ 150 KB
51 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/reactive_library_fy2021.js?bust=31073806

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

281ca3f0c83453a58a26b3746f2f5edc3df17fca9295c2c26730c95875c61751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52142
x-xss-protection: 0
server: cafe
etag: 4909053327126467089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 24ms
23ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kriptobi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 22ms
21ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kriptobi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 134B 93 KB
34 KB 576ms
576ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a3246fd96aad19b19d9b9d59d879dc3da3698beff2118c235c8ab7224e1f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kriptobi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34693
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:46:43 GMT
expires: Sat, 15 Apr 2023 12:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF9C 106 KB
36 KB 629ms
628ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=863612641&adf=2400033493&pi=t.aa~a.337950186~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JFZ435zsOW&p=https%3A//www.kriptobi.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0472aae54f8e9ab5de8d211d2e1e9108807fb51bef0ea21ef13b60e1a4a8f17c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kriptobi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:46:43 GMT
expires: Sat, 15 Apr 2023 12:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7CF7 21 KB
9 KB 806ms
805ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

912a830cb0d040a9f7c513b39b82d3a2bfaaea52d623502cb5b95362ecd6e924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kriptobi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8969
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:46:43 GMT
expires: Sat, 15 Apr 2023 12:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kriptobi.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kriptobi.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame 2889 10 KB
4 KB 16ms
15ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kriptobi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 00:19:45 GMT
etag: 2378337311435320485
expires: Sat, 29 Apr 2023 00:19:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2889 4 KB
728 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 12:18:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 12:46:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2889 205 B
650 B 76ms
17ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 07:08:14 GMT
x-content-type-options: nosniff
age: 20308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 14 Apr 2024 07:08:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2889 604 B
693 B 80ms
20ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:42:56 GMT
x-content-type-options: nosniff
age: 226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 14 Apr 2024 12:42:56 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/ Frame 2889 13 KB
6 KB 86ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e719752a773076ca8e3f549032753877c83cafb2a640feb0886d9af24a3b44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5669
x-xss-protection: 0
server: cafe
etag: 11655758664418369095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 20:48:41 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/ Frame 2889 19 KB
8 KB 70ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6F59 8 KB
893 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 12:31:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 12:46:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 6F59 2 KB
846 B 46ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 6F59 22 KB
9 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 6F59 3 KB
1 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 6F59 20 KB
8 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F59 159 KB
49 KB 86ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:42 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 6F59 33 KB
14 KB 36ms
18ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:11:29 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C97 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:33:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C97
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

25ms
25ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:46:43 GMT
expires: Sat, 15 Apr 2023 12:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:46:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame 1683 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:59:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C66C 2 KB
531 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562801811&bpp=1&bdt=950&idt=269&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FYtmmPYXMC&p=https%3A//www.kriptobi.com&dtd=272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 12:18:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 12:46:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C66C 2 KB
804 B 20ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame C66C 22 KB
9 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C66C 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C66C 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C66C 159 KB
49 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:43 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame C66C 33 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:11:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C66C 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck20hspw6ZMTMCoHAxgOTwIfIB6-ts8JvoOadp84R2dCsxaA5EAEg7bKnPmCVgoCAtAegAeyxs4MpyAEJqQKaHreQCnGyPqgDAcgDywSqBMcBT9CXqST2Ao72ARW46-gynpyag9eL2iDft0_gzUfxp32jHKCDUaMGQ-K4zS13DgsXS6kcdjma4O6qObq9n3imOhz0ETBR54aRtVkmW8FGk5DhAWA4JoIkwn2DIgIAdTMeZdrKCyd8F-AeFVT2wb_hNN5EOoH-IZVqo96pb5jiIwleY4f9wD81Tc6AmvDF4SPo8VQCa2ihLC67OkxixSWnKi6wZEjmsvVTQ4MCz3elKduJTmEprv5Ahv8kGdA4HsUL_vUpleod8sAE6L-wwKUEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-zpg-MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEL2_OtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTEzMTM4NTAyNjMyODQ2MTkYAA&sigh=V37sX2QurDs&uach_m=[UACH]&cid=CAQSGwBygQiDCqCAxRT8oveIm_UBLFIQiYnyWHIvJhgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562801811&bpp=1&bdt=950&idt=269&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FYtmmPYXMC&p=https%3A//www.kriptobi.com&dtd=272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Apr 2023 12:46:43 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C66C 18 KB
19 KB 88ms
19ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTJXaBSIB822-8PxyDqHHg5ZjDtZo9eNHd7-CEy1FjouThjqJo8PQcH7NbNeA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

077d26b1a58dd6c282fa6e15c00699a6c303a65f40e32c13da3755c53330e6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:24:12 GMT
x-content-type-options: nosniff
age: 66151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18831
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 14:17:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 13 Apr 2024 18:24:12 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame C66C 21 KB
21 KB 80ms
14ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRp8sf-ZZSXEdH0sLinAlWGq5BdqG3L4TSgpVsyAjZ56LemXQ7EGJiCSIbhKSE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02c28dee2269f9fae99418dfc505fc4d9900160821ef1385e55b245b24713e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 19:01:11 GMT
x-content-type-options: nosniff
age: 63932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21229
x-xss-protection: 0
last-modified: Sat, 21 May 2022 19:54:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 13 Apr 2024 19:01:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C66C 14 KB
15 KB 90ms
21ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSkKRTUjE40vr3y5wTUDbwBLPfsxsh89sfsVu8-6lCq34ugFah2H8wnVTCNu7I&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e7cfc33099ad5ee212809eba92a05111f953f6da171cca9b1c07a5dec736bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 20:10:27 GMT
x-content-type-options: nosniff
age: 318976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14753
x-xss-protection: 0
last-modified: Mon, 23 May 2022 09:08:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 10 Apr 2024 20:10:27 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C66C 26 KB
27 KB 74ms
15ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQynfFtvRoIv-Cisetu87jWHpzGPAa6IryA15GKDW73OMuYm_0TMoRuyExSNbQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

055c5a657d1fd027e2c279715ee0f4efb221be58ff4c97b9c7e3e0ba075f9776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 07:52:52 GMT
x-content-type-options: nosniff
age: 104031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27039
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 23:36:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 13 Apr 2024 07:52:52 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C66C 18 KB
18 KB 87ms
19ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ_X4GiqUGBOHturOxkv3TJUJOPWAUokvxTDHJ0IWQeIfOBzMS_Wuttp7TjkA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5407ac009e7f801394853e3ae51c6bc685eeaf056f04fe47a75dc131712a4972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:57:45 GMT
x-content-type-options: nosniff
age: 64138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18082
x-xss-protection: 0
last-modified: Sat, 28 May 2022 21:14:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 13 Apr 2024 18:57:45 GMT

GET
H2

200

2178660640738150884
tpc.googlesyndication.com/simgad/ Frame C66C
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODc3uLeQBCrBxjsATIIdK-thvyL5fY
https://tpc.googlesyndication.com/simgad/2178660640738150884

21 KB
21 KB

16ms
15ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2178660640738150884

Requested by

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d408b3407069eccc933306dcd72b68ff95b8455af8645256ef2049c605f4d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:07:41 GMT
x-content-type-options: nosniff
age: 67142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21212
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 05:11:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Apr 2024 18:07:41 GMT

Redirect headers

date: Sat, 15 Apr 2023 04:32:21 GMT
x-content-type-options: nosniff
server: cafe
age: 29662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2178660640738150884
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 15 May 2023 04:32:21 GMT

GET
DATA 200
OK truncated
/ Frame C66C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4ec872a2d8d2bf80735a8aabf8030042bb7539b754282c42d26bf2166cab79d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 134B 6 KB
669 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 12:12:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 12:46:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 134B 2 KB
765 B 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 134B 22 KB
9 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 134B 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 134B 20 KB
8 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 134B 0
0 25ms
23ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2TDV7oJhk2DS5ax09_N3ZHb7NXFW2vi5eIqpMks4chyQl7ZwthDqxn0reZzsIN3rJOHLgWISLDKhvAno67KydRWKuRg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 134B 159 KB
49 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:43 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 134B 33 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:11:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 134B 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM9A8spw6ZNO_MvPJ1fAP-cmG-ALf696sbLKUzO3vDtvZHhABIO2ypz5guwagAYPA_-0ByAEJqQKaHreQCnGyPqgDAcgDywSqBMQBT9COt9GuZVvuKgx4cZqMCx31LfL3N_7aC70ndPG7fUPzr-zCICNGkLkRiEO-Fjzjdx1hDhIFEmi2f7T1v7BAly3P-olHJh8jGJbQpv0oMUP84SYWFvmeunCh0vv3zOZAkqN-1Sx8JhI34NvKYBHPPXlwknedqw7MOHEjhH3jL_rl6cCWUjyu5mJxRNyVlVvC_t1-ZiE_NNwByEMuSs_EiTXyvOwTxJxZhgH0ZfV-vN-5-IthJzeEArcRWpZCwvUNgiNhh8AEmbOCpd4DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-W_gJICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5b4R0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTEzMTM4NTAyNjMyODQ2MTkYAA&sigh=E3Dh4sKrkeo&uach_m=[UACH]&cid=CAQSPABygQiDzSPfUqtAlwE6NX5tBKKe1paQQgo5EziGYKB-Yb0WYjZTe0hmE_wbrPI4r3HXMxwQj9KG_NDZjBgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C66C 0
20 B 51ms
50ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230412&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame C66C 20 KB
20 KB 18ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 353739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6247915887955023110/ Frame 134B 16 KB
16 KB 19ms
15ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6247915887955023110/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fecc8158486627b69420a15a18836e0daf915a29b61ce16a2c9d1adf99b6b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 01:00:44 GMT
x-content-type-options: nosniff
age: 42359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16382
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 10:45:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Apr 2024 01:00:44 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8863597772003098682/ Frame 134B 3 KB
3 KB 24ms
20ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8863597772003098682/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0f37dd4076e0af141b7099a24c6bfbe93d3142475fabd280d9fd82cb63797bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 02:58:28 GMT
x-content-type-options: nosniff
age: 553695
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2837
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 04:06:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Apr 2024 02:58:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1E9D 1 KB
643 B 15ms
15ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 134B 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53ee76fe4e6f7ad2b1dba08d3961acfec62f0efd478661449a72589771bf8c53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame CF9C 8 KB
893 B 27ms
26ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=863612641&adf=2400033493&pi=t.aa~a.337950186~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JFZ435zsOW&p=https%3A//www.kriptobi.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 12:14:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 12:46:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame CF9C 2 KB
765 B 19ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame CF9C 22 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame CF9C 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame CF9C 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CF9C 0
0 23ms
23ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8fpc1YGdLk-SCp4WsCtFztc3hQSiCpP1CCv7oeNPvDoOdrilKA-tj6oK561prDFZMuWtYtFxQzezYA7PTQ5mGnAiIrQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=863612641&adf=2400033493&pi=t.aa~a.337950186~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JFZ435zsOW&p=https%3A//www.kriptobi.com&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF9C 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6dzxspw6ZJvzMdCA1fAPweCRgAPTj6eAafTUn7OHCZaCzYWIFhABIO2ypz5glYKAgLQHoAGgibr_A8gBCagDAcgDywSqBMQBT9AFu2t_FUc2i_kwACo-FNSR2PKTrGIsNKDmeaqFOdYIHvY-zZyeCoEN7wmvBUODAAswxVa3lPPrV_BF4GDnGnmI02YmgHR7AkwS7OhJfJ_PBogMeKf4jTVbv06sratyxOYvXvlt2m3Y2yofIevBsHBYSt9BnG9mDX4lDeLzcqFhOBECISk3CSOH0x-dtJRV13nkDGUjmBqAJAgSSTMeHIJ0XXPAU1EAf4XSISaQK1Y_7jCBWVRsisO0nbIutuMiEdBU3MAE9JLB2IUCkgUECAQYAZIFBAgFGASgBi6AB8j2RagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKbSBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTEzMTM4NTAyNjMyODQ2MTkYAA&sigh=5vMl-e4PDyE&uach_m=[UACH]&cid=CAQSPABygQiDWRYUD1-JqHribq3ZybussA0Hi0NJRU7GGhl7InW_35137XmZobJRCz2sQim4AyoEpfr1Jj5BpxgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=863612641&adf=2400033493&pi=t.aa~a.337950186~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JFZ435zsOW&p=https%3A//www.kriptobi.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF9C 159 KB
49 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:43 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame CF9C 33 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:11:29 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10293362493063515949/ Frame CF9C 24 KB
24 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10293362493063515949/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ec59046d0954124ebc1efd8fa4b3bef7db20538fcbf4058c48f22d3bba7c299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:07:33 GMT
x-content-type-options: nosniff
age: 268750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24632
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 17:10:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 Apr 2024 10:07:33 GMT

GET
DATA 200
OK truncated
/ Frame CF9C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF9C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C7A 36 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:59:33 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1E9D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEP47LS7VXakGog1iH2eZicM&google_cver=1&google_push=Aer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJHkC...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP47LS7VXakGog1iH2eZicM&google_cver=1&google_push=Aer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJH...

43 B
418 B

204ms
186ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP47LS7VXakGog1iH2eZicM&google_cver=1&google_push=Aer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJHkCF0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJHkCF0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b844b038c416934-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 439
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP47LS7VXakGog1iH2eZicM&google_cver=1&google_push=Aer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJHkCF0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvILEOUfoehFy_rOSjH08qLJBbCNmH_K6l-PWguoBCTtFS-trEcBOXGHhz-QDqEoFq4pC-ij1a1JduZFtHUumdjExGhOzJHkCF0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b844b022a1f6934-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFmyUofCu6vREmEWH7jEU3w&google_push=Aer7DvJwV1LbNX0WgXztAlABPw1IFUT9CTk2kEqFCPhJyzXX_YPdlxmNFa...

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFmyUofCu6vREmEWH7jEU3w&google_push=Aer7DvJwV1LbNX0WgXztAlABPw1IFUT9CTk2kEqFCPhJyzXX_YPdlxmNFahWEgPT2HO3bTGUYqJXNvWyMX_5VGc8amaFGufbcUHUuA

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220022-HHN
pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681562804.527665,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFmyUofCu6vREmEWH7jEU3w&google_push=Aer7DvJwV1LbNX0WgXztAlABPw1IFUT9CTk2kEqFCPhJyzXX_YPdlxmNFahWEgPT2HO3bTGUYqJXNvWyMX_5VGc8amaFGufbcUHUuA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E9D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOCkRQIIT8Wd7pBXgEoRCdw&google_cver=1&google_push=Aer7DvKsTRBrZxRL7ssZEY-P7NEvXRVO6yKHrgFxH8nEU3bnqrsDMaKyPXd_899r2XRZywHWCE9vnckK333bd0Zk3bLc6o4...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOCkRQIIT8Wd7pBXgEoRCdw&google_cver=1&google_push=Aer7DvKsTRBrZxRL7ssZEY-P7NEvXRVO6yKHrgFxH8nEU3bnqrsDMaKyPXd_899r2XRZywHWCE9vnckK333bd0Zk3bLc6...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKsTRBrZxRL7ssZEY-P7NEvXRVO6yKHrgFxH8nEU3bnqrsDMaKyPXd_899r2XRZywHWCE9vnckK333bd0Zk3bLc6o4_vZNyU9s

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKsTRBrZxRL7ssZEY-P7NEvXRVO6yKHrgFxH8nEU3bnqrsDMaKyPXd_899r2XRZywHWCE9vnckK333bd0Zk3bLc6o4_vZNyU9s

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKsTRBrZxRL7ssZEY-P7NEvXRVO6yKHrgFxH8nEU3bnqrsDMaKyPXd_899r2XRZywHWCE9vnckK333bd0Zk3bLc6o4_vZNyU9s
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E9D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAIFnUqnJaQ1y9ri8rBwvAw&google_cver=1&google_push=Aer7DvLyipaZF3JnYF1vybcnYqlNA8q8RsnSKei2DEuFvJQ9CP-HJPCkK2cOt5vIGKW4cN_3TfzK82H8...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAIFnUqnJaQ1y9ri8rBwvAw&google_cver=1&google_push=Aer7DvLyipaZF3JnYF1vybcnYqlNA8q8RsnSKei2DEuFvJQ9CP-HJPCkK2cOt5vIGKW4cN_3Tfz...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgyOTQ1MjMwNjE5NzI1MzAy&google_push=Aer7DvLyipaZF3JnYF1vybcnYqlNA8q8RsnSKei2DEuFvJQ9CP-HJPCkK2cOt5vIGKW4cN_3TfzK82H8...

170 B
188 B

27ms
26ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgyOTQ1MjMwNjE5NzI1MzAy&google_push=Aer7DvLyipaZF3JnYF1vybcnYqlNA8q8RsnSKei2DEuFvJQ9CP-HJPCkK2cOt5vIGKW4cN_3TfzK82H8baYKvDu7yGLK26aMi9KYIBM

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgyOTQ1MjMwNjE5NzI1MzAy&google_push=Aer7DvLyipaZF3JnYF1vybcnYqlNA8q8RsnSKei2DEuFvJQ9CP-HJPCkK2cOt5vIGKW4cN_3TfzK82H8baYKvDu7yGLK26aMi9KYIBM
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1E9D 43 B
350 B 77ms
20ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELVgovKljSMzzH-cedxo2tI&google_cver=1&google_push=Aer7DvK4Yk0PP9n94lWFNrKhv6GBcYU46fnbRZhgsdQMx6KN_cGCm8opuguOvKQOM2AZsmKKst7wMrJ6eXAtNYob8leNvriWXAClhXM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: aqlb8k81ic186fs1hpdts8jou7tuqbn2

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E9D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENCTbaWN6sKh961ZjLgEr3U&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENCTbaWN6sKh961ZjLgEr3U&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENCTbaWN6sKh961ZjLgEr3U&google_hm=ZDqcs6Z98k_7hQ5MLlOc0wAAFHIAAAAB&google_nid=index&google_push=Aer7DvLkg542K39KNyIguF5HbbxVVcsm7HCyL...

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENCTbaWN6sKh961ZjLgEr3U&google_hm=ZDqcs6Z98k_7hQ5MLlOc0wAAFHIAAAAB&google_nid=index&google_push=Aer7DvLkg542K39KNyIguF5HbbxVVcsm7HCyLiHqsf48Ex4XbRa4BZdt6ekfZxOPQiI0ym33hZZ24qIHNADg14VScUTcoKp6D78n_U0

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 12:46:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENCTbaWN6sKh961ZjLgEr3U&google_hm=ZDqcs6Z98k_7hQ5MLlOc0wAAFHIAAAAB&google_nid=index&google_push=Aer7DvLkg542K39KNyIguF5HbbxVVcsm7HCyLiHqsf48Ex4XbRa4BZdt6ekfZxOPQiI0ym33hZZ24qIHNADg14VScUTcoKp6D78n_U0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1E9D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAx_mERq5QSq7bgb_1cPXFc&google_cver=1&google_push=Aer7DvJoFVeXasPkkZnX2fa4_oqdRs8vSS-un8p5G5eylUhZOIhkhr8k5VaMqU8DErU5fPhlGj5WCZE_Zj1d...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJoFVeXasPkkZnX2fa4_oqdRs8vSS-un8p5G5eylUhZOIhkhr8k5VaMqU8DErU5fPhlGj5WCZE_Zj1dS3jUD8uqjFJJa_ALqPA

170 B
329 B

26ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJoFVeXasPkkZnX2fa4_oqdRs8vSS-un8p5G5eylUhZOIhkhr8k5VaMqU8DErU5fPhlGj5WCZE_Zj1dS3jUD8uqjFJJa_ALqPA

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJoFVeXasPkkZnX2fa4_oqdRs8vSS-un8p5G5eylUhZOIhkhr8k5VaMqU8DErU5fPhlGj5WCZE_Zj1dS3jUD8uqjFJJa_ALqPA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1E9D 0
130 B 78ms
22ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdQfluxhUKdburmpEzhF8DohthHR73vFThXhHx2TmrNwicCh3trnPSAHD-8xT4C3A0lRc_

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 39E9 1 KB
643 B 17ms
14ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 134B 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 353735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 134B 15 KB
16 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 353733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:10 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 134B 15 KB
15 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 353732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
DATA 200
OK truncated
/ Frame CF9C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fae77f7b8670e6e82ebdb99fbbf8df3785ae6087cd9ff7a69b2bdb3a48cf4386

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F2B 36 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=2767623100&adf=226233620&pi=t.aa~a.1485073868~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1905&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280&nras=3&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PeFtbw9pZD&p=https%3A//www.kriptobi.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:59:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMNsGXAXmORexdFuIAddjxY&google_cver=1&google_push=Aer7DvI2tY1-zgAWkaApW2JzFblbStySzvU6B_w2SOFC_6Lmo4BfcoZSS3t3Dp2Po79FUgAPTP9INz-lYEu-OQen7L9iNoRi0hW6Qo4
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEB577C4245949E2B9B47531E82211A6&google_push=Aer7DvI2tY1-zgAWkaApW2JzFblbStySzvU6B_w2SOFC_6Lmo4BfcoZSS3t3Dp2Po79FUgAPTP9INz-lYEu-OQe...

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEB577C4245949E2B9B47531E82211A6&google_push=Aer7DvI2tY1-zgAWkaApW2JzFblbStySzvU6B_w2SOFC_6Lmo4BfcoZSS3t3Dp2Po79FUgAPTP9INz-lYEu-OQen7L9iNoRi0hW6Qo4

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Apr 2023 12:46:43 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEB577C4245949E2B9B47531E82211A6&google_push=Aer7DvI2tY1-zgAWkaApW2JzFblbStySzvU6B_w2SOFC_6Lmo4BfcoZSS3t3Dp2Po79FUgAPTP9INz-lYEu-OQen7L9iNoRi0hW6Qo4
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 14 Apr 2023 12:46:43 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 39E9 0
98 B 69ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAer7DvLImhJrbROKwec8mLinEejNfJhzY2c2--DRW1HFr8gwUDjySxRB5TGz_zVUB-xEJ-4TtSCyI94NxwW_ONHP4MG8y8nPYxMYGmE&google_gid=CAESENP9c9qa-BMRIYvjggKLgjs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=863612641&adf=2400033493&pi=t.aa~a.337950186~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JFZ435zsOW&p=https%3A//www.kriptobi.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E9
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMSYwplsksRVxvkEW_DqnLA&google_cver=1&google_push=Aer7DvKgmy6X1ctH6EAtnRrLKHLfHXZGmygK8B62tEGkxJ81kLxG2gurwPSy0wNDlNT0EwbD8-1cG2OreVKp6M6J...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aFR-07HYT8m1ZSG2SvtG8A2&google_push=Aer7DvKgmy6X1ctH6EAtnRrLKHLfHXZGmygK8B62tEGkxJ81kLxG2gurwPSy0wNDlNT0EwbD8-1cG2OreVKp6M6JxyW39_sv7HzQ3gQ

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aFR-07HYT8m1ZSG2SvtG8A2&google_push=Aer7DvKgmy6X1ctH6EAtnRrLKHLfHXZGmygK8B62tEGkxJ81kLxG2gurwPSy0wNDlNT0EwbD8-1cG2OreVKp6M6JxyW39_sv7HzQ3gQ

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Apr 2023 12:46:43 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aFR-07HYT8m1ZSG2SvtG8A2&google_push=Aer7DvKgmy6X1ctH6EAtnRrLKHLfHXZGmygK8B62tEGkxJ81kLxG2gurwPSy0wNDlNT0EwbD8-1cG2OreVKp6M6JxyW39_sv7HzQ3gQ
x-host: tde-deliveryengine-production-64c8469d98-8s4w9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E9
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL6u1F37krF4qB0kG893HRA&google_cver=1&google_push=Aer7DvKysM476Ek6Y6fnsBsWv9FUf8l96Ry2pvA2xOC9_e3bnghRYL6tL4axRc0kOQiwEQBFvqByCNzvfoPDJf4AvsCd...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL6u1F37krF4qB0kG893HRA&google_cver=1&google_push=Aer7DvKysM476Ek6Y6fnsBsWv9FUf8l96Ry2pvA2xOC9_e3bnghRYL6tL4axRc0kOQiwEQBFvqByCNzvfoPDJf...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKysM476Ek6Y6fnsBsWv9FUf8l96Ry2pvA2xOC9_e3bnghRYL6tL4axRc0kOQiwEQBFvqByCNzvfoPDJf4AvsCdJaZZYA_IDPA&google_hm=4BWJeI8PQX6Ha27LV0jF...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKysM476Ek6Y6fnsBsWv9FUf8l96Ry2pvA2xOC9_e3bnghRYL6tL4axRc0kOQiwEQBFvqByCNzvfoPDJf4AvsCdJaZZYA_IDPA&google_hm=4BWJeI8PQX6Ha27LV0jFTQ==

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKysM476Ek6Y6fnsBsWv9FUf8l96Ry2pvA2xOC9_e3bnghRYL6tL4axRc0kOQiwEQBFvqByCNzvfoPDJf4AvsCdJaZZYA_IDPA&google_hm=4BWJeI8PQX6Ha27LV0jFTQ==
date: Sat, 15 Apr 2023 12:46:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI5cFDACvB2mrriddZ-ezME&google_cver=1&google_push=Aer7DvJGpjYNsLhg2FGjezWQ450OzaVwwp9s4FHF9zSwxHO3tPOu6Qa8fimpnVM6WQO2EMf0vXMhzne2vlDgUumanEXD8Fd...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJGpjYNsLhg2FGjezWQ450OzaVwwp9s4FHF9zSwxHO3tPOu6Qa8fimpnVM6WQO2EMf0vXMhzne2vlDgUumanEXD8FdB4uNLBTM&google_hm=eS1DY0FLM3IxRTJwRUd...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJGpjYNsLhg2FGjezWQ450OzaVwwp9s4FHF9zSwxHO3tPOu6Qa8fimpnVM6WQO2EMf0vXMhzne2vlDgUumanEXD8FdB4uNLBTM&google_hm=eS1DY0FLM3IxRTJwRUdxTzZDbjk3VTUzSk9NbTNkZDZ5QX5B

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Apr 2023 12:46:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJGpjYNsLhg2FGjezWQ450OzaVwwp9s4FHF9zSwxHO3tPOu6Qa8fimpnVM6WQO2EMf0vXMhzne2vlDgUumanEXD8FdB4uNLBTM&google_hm=eS1DY0FLM3IxRTJwRUdxTzZDbjk3VTUzSk9NbTNkZDZ5QX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KEBB4esURLiyGHjeTz-1Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KEBB4esURLiyGHjeTz-1Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIPQE5xMsmey_NicbH7EmwCXQhPMoODpE_cxdJVXSdyMG_81ppJJQ8tfIMRRymPJXZ4HyIFFNjJyPJxhg_kQNrf1BtO15dOHGM

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KEBB4esURLiyGHjeTz-1Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIPQE5xMsmey_NicbH7EmwCXQhPMoODpE_cxdJVXSdyMG_81ppJJQ8tfIMRRymPJXZ4HyIFFNjJyPJxhg_kQNrf1BtO15dOHGM
date: Sat, 15 Apr 2023 12:46:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame 39E9 43 B
298 B 199ms
25ms Image
image/gif 2a05:d01c:1d8:8101:a62a:a2db:d81b:4039
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMmAlupI_byoRX5gOZt910g&google_cver=1&google_push=Aer7DvK4CutDFR1LLPRDaZogqpQCKNLhJ6Bmoltsn0kjEvAbpuWdSVW_uZPuMcIvT45CM6-WDGPZoLF6hfHS0BhWay7dueR5ksOiHmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=863612641&adf=2400033493&pi=t.aa~a.337950186~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=1200x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JFZ435zsOW&p=https%3A//www.kriptobi.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:a62a:a2db:d81b:4039 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 39E9 0
40 B 28ms
24ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I18yOSNVBRvcl5kTpmcCr0GOvM2xslcdX8eCnBdkb6XCJSN-p9-yvr1xDQ9VjZ6P04D7o0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame CF9C 29 KB
29 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 399110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 7CF7 8 KB
3 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3465
x-xss-protection: 0
server: cafe
etag: 6788195977828770272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:22 GMT

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame BC0D 36 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:59:33 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C612 8 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/error_handler.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3465
x-xss-protection: 0
server: cafe
etag: 6788195977828770272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:22 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C612 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNa_aMwjk66r_-nfhNkg3yAbQ_KyDQUT9WRxFS_LSuRRJlxglvQhfFIYb4sfzEPbh-l-qM4VdNdiFh1sG97B2IIeYmjpXTVTHGF4JF8R939TvIZPU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C612 0
20 B 49ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9154176718488683339&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C612 78 KB
27 KB 178ms
177ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C612 3 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame C612 20 KB
8 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C612 0
0 24ms
22ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRijsbgoDyRPGkgW8cUVmUSxYSiAoagpABWkd2SImXG1YvM5lbk9oMj6mKs294ZBUiIVBXZgW7sAfz5-jDm2qgxWfJoTQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C612 159 KB
49 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:43 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CF98 624 B
242 B 56ms
56ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUBGUxlclhe433hdT1_MgL3IHiJ-2HmDqeAXIDAxRoVIm4ptM8NdaXkCWkHgMeCfOO8PZX937EkrKNFF2EgfP1fXqOcyYaWQgw0gwtVkTNF2aEuGOKJtkRhcgEv-rzAKZloc1HVhQ8vjryheSaO2HPiDn-IZUkPs_VhG6vE3ffFL-Amo-g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CF98
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO9-rBuWaoOxf0_1JO_f9BA&google_cver=1

43 B
632 B

40ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO9-rBuWaoOxf0_1JO_f9BA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUBGUxlclhe433hdT1_MgL3IHiJ-2HmDqeAXIDAxRoVIm4ptM8NdaXkCWkHgMeCfOO8PZX937EkrKNFF2EgfP1fXqOcyYaWQgw0gwtVkTNF2aEuGOKJtkRhcgEv-rzAKZloc1HVhQ8vjryheSaO2HPiDn-IZUkPs_VhG6vE3ffFL-Amo-g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 12:46:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO9-rBuWaoOxf0_1JO_f9BA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CF98
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDqcs6Z98k-7hQ5MLlOc0wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO9-rBuWaoOxf0_1JO_f9BA&google_cver=1

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO9-rBuWaoOxf0_1JO_f9BA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUBGUxlclhe433hdT1_MgL3IHiJ-2HmDqeAXIDAxRoVIm4ptM8NdaXkCWkHgMeCfOO8PZX937EkrKNFF2EgfP1fXqOcyYaWQgw0gwtVkTNF2aEuGOKJtkRhcgEv-rzAKZloc1HVhQ8vjryheSaO2HPiDn-IZUkPs_VhG6vE3ffFL-Amo-g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 12:46:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO9-rBuWaoOxf0_1JO_f9BA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame CF98
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOnZ9dZeFyJOd5HzYfCYRCM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOnZ9dZeFyJOd5HzYfCYRCM%26google_cver%3D1

43 B
1 KB

14ms
14ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOnZ9dZeFyJOd5HzYfCYRCM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUBGUxlclhe433hdT1_MgL3IHiJ-2HmDqeAXIDAxRoVIm4ptM8NdaXkCWkHgMeCfOO8PZX937EkrKNFF2EgfP1fXqOcyYaWQgw0gwtVkTNF2aEuGOKJtkRhcgEv-rzAKZloc1HVhQ8vjryheSaO2HPiDn-IZUkPs_VhG6vE3ffFL-Amo-g

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 12:46:43 GMT
AN-X-Request-Uuid: c53a4f54-5f2f-4a38-8f34-df592d08f3e3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 12:46:43 GMT
AN-X-Request-Uuid: e58898fc-a166-42b0-a0cb-ab9e29c61f98
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOnZ9dZeFyJOd5HzYfCYRCM%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF98
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUyMjg3NzE0NDU0ODkwOTMwNg%3D%3D

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUyMjg3NzE0NDU0ODkwOTMwNg%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 15 Apr 2023 12:46:43 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e0c5ca8d-a5ae-4710-b30a-04937df53325
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUyMjg3NzE0NDU0ODkwOTMwNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C612 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5762212515549&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C612 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5762212515549&version=m202301230201&ct=76&x=1&cor=9154176718488684000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C612 95 KB
38 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVIs7fFSL-oryy3JRvTYiYeBkGsMLC5BAWPsXwFyItzdM3EmXgLo2VtwmXJf4_jYDVUOJ9RQFQ1IljLlXjrrTkhS_v_54S0_vqiDF4ej9Ybju_jcY1W82FLMaZC5U7GXDmhtE-lLoTzyZcRLzRNo0LstzM9Zci6LF348N0JmIhQ_JoGyo&dbm_d=AKAmf-AdFNz1PBJIOywf7BhyYgHnIe5VWX1WnwiVnicVwstNKUOJFpZ1pHdgtBzZhvfID9SoNbSpUzajQSV_p38hJqe4HFdB9oicas7MXl8EBNet4tURkJo2TyP284L7XWmzpvq8h6N-TLXDGpR0jE0UyXTCOPF0toqR_TfR1iajQw5Iyn3FcjdgE84g9w1hfbsllVR_jAa-t9PJ-vc0YJb1NLop1WrKLC8xo6JTjmQmFoQoT94PwwBkuuVEivlZUmgYWpKqb0eofkNK9-7hiB9jg1WBIVBCPoKgrtmWIkeuAF7MENA5F_eJONHRFkfIEBV0ngFd7OhcGgkqTHT7vWTsnbxAc05X30IT-JxeHhkdhqEpis3rDZzxTp20MsNWZiUqR5XUmZF4I0Zuzi4JT2573nHZmmgXlri19_n5A-0qkHBHSSaq8sdlPYNcVq6culZLJAcHcWQ5mOaI70fWbfB6N_pLjN7hWcwb6N0_Iefc6VQOsvwhFok6cHtEY6rM3OGtwn3qDVIhTdiOTgBFskfdxyhq5eO8fQP3nPfn2c5sfDhykUA_hTkePRo_giBqXC0Fe7DT9U5BVNB3-xoGmQQlnlWDKxllKwC002eJzrEZY9I5qk0gyMb-DyqNjxQEBO82SXLLBjVQqx3fvxhhcskopFc6gxr_3WXT2o_HHg8C70b1gAMtTb4XgiEX28pbZVIa6aCAhkjCZZXn3evXTM2H7Ae-OG88lRUxS0YYlR0kiyua-rAJy3yxenOz_GjuVBGHOzNCdHQXvZuwFAmOU1Az5agEz8uRuCZd_5yWCatl4JvVT0vBTB7oQXz08KUbsmTH97rxskScRc8lkR0Qmph5Az1xEVfcGZpXVpdqf9YnILh137z8-63KJMBogs3bEuCj8VhyKcWe1nURg9aaCsD64c1j7N8YxGAsNLQEUvxnZC-wyaT3Onaw2hQGePyt8ZfLG3dcsejy64i1XtRj4DV9WgUrvOmI6Atkgzu3WsAqrzIXxvIsqeNcl6GXHC5a2Z5gZxjygh5fLD5IIX1W04zAtEwRYTSoYV6uXEjkWI5cg0MVzTC_YILq0rBYYOSwwfcEHKdRn02tSnRYnb31_ELocc1ulxn3175hBdfgid9MTasfGxmQh9QkgTU1m3qwGBZI_tmQFNHCkERUk3jFjdaKIt1F4P1w_LjDWHW2zhCI8_6Dp9TpihT7UCQ7hL5c3CSdN5oGgQ9IWJnUS8HKqIa5dd3uVRgHpi80Mdzx19zbuve-itFsPy2YL2W0ur2bboPAUYp1nHrUxWiPPA3Y9ilxhpQdARAQ94PrYoePxkawV3yW8haP2yy4kRD_ahokDOsIjjWiTsy34zL5TDtjp3Zy4j-u2tZzSCbzCwvDl_A5Wq9WXk_qb55H3_7z7tUTY0yIIHMkPK605uxzTgxHEpYnSDZ8P7XFBDc-nwesC77U-thB8wIuHMZyszClS_rMqMGwYtrhRHZgZhcc9gwWxl6fB1_wVMOfLT6AkCicpfMaKRXz71uwT8_d2OapQJPAH9exysTnRnrBDi9ENLvl1Twdwb0qoklGa9AVDtErhqc7BbtdafUi1cM1kfDm81pw75Y1pXMUal7grTIqyPWS1xWTd-OhWfTgA5jdl25uuciZm5Q_uDIhTaRj4tklWdfjoQxXKCCs7243mcfU_VlOvs6Nf6rReCf_cHy7n98I-wVLuHS4P-9OcP2ONyqRuW4f1ucZF-VLyJxHSzZffaTXkuARHmpNYo4USlUvjC1i3yBHmugubdYz3ampkpgTnt4555G9kDKHa9QqmNnMcuJQQ2HFardshCyGkJK-iVNtp_Fu73m9nvrSR7EvAXBnt_WN1Pl8-wzVAkGNVgwqpDvUrBATMUMl5y1Cp4w55ymRUoVOr0aV7VA1LHlgrOqMoBI0j8cBIdItfIa_OQcq4YvIIBmbXqdHXoNOoQ3jJbK7Mro0zvS9TKzDFQrtW787KvESPa3bx0KOAGiuALjGxTxRdFNCkLnHprSWHRAt27bUNYx0Wv1a6HBub3D4SJqOebGUoop4WEP7x2aNldBnWvFMkTRSi3jr5jfpRZVXeqg-s5K_SBBp2ue-WmXtYxY3r4H7FEZdsv0OC1mCqkXuZMVHJ93Y1sRQvpC5KW4DxyGRfWYrdoKcI6PImr6hND-t9_YXOp-vUOw-Pvd8QmRPiXEaEMWCvpaUSxqyfW28VCxxA2dpB7cxt9SzkyXJ-5o4A2bW2FkclKY41baXSg4J99lepMfvR0GsvRMz8oZRJe8w6LrytbpMOI1LCdMj4oQu408sk9OP3rNqo_mz-Z9rDQg9Np5ToiHw-TOTJHmUdG-qFOof4cGfRlBNBGP6irmY9cIZgzJK_ZX7ccBOpcdcOOsu5wH3lKS9e_9sISvoleEf7LINWk_e7fEeFwIBzFnQIjCc--BLg67VAVtUfFjLYjlkMET0Wtp1HDkd2p7YgcN5KulDUApxQLttchngq1KT7kTh1u8GwZ6rWGf3MlB_hDPttvwNK2kt007C5ooZLmipwlLBX8uc8myrhXJWIhGrFD64_E3M0j-xwKLZDiF4dGOgi-5piyfqtZfKYS2PHwTtOlmN6tPFcZKuQPMYAIyLOEy33jCsOXRG8MDrxVBFNliwe15dVmVvWGpJFRmBeVsDKzwSz_3-CVA6CdmVU-r5_xGttRw1L6HKdbmoJoYN9smdXq6_IsVA725gjpn9ksJ4ffttks9g_4UgRQ-dS6lr_pFP8M-Hr3WO71G2JjnvFXF3fDuSaZ4nBBoqaUT4-l1RwiNyA9EQUDenlU9anw5fnPeNeEK7XiHA9co5EF3K1s2-9b479Ya3dXrjOjUKz-MJLu2JmbbVRMQVxBH-kN3AtySiaF3yBbgVyGHUPF0LAetVwx6CJmDGU3vjdNiFhN3GaIMm44znPamCla7DCSos0BlIttoEpTOG9Vvamm5RuLG7fnDbPOiVUjOnL3d8kSuBukJDZUKVmfNiwucs-4Z3Jxr84jmvk4UuZ5kbT7iNdcqWL7J-1RL73TqNe_CeNb0HdVQbmvZ6wY_9bTIXu7dF0nXgKuWQKN8Lxb31ivqCF2gGFMYq_o1oufMs1mtidO8f2bvYiHTGpVElpLtblKX_pBm3sCG0ogvj-gRoASPO4dsvYw-2q42ZjIMGBmAS2u18LYRRg56TK-uuEJlg5G0gjgNC5ts2PRe2ej_RnkJuDASrKPbIO42F4VX4xS8T2LVJB1KYzBYj550zlfLHL1028KG86vKuXU8QqTnsnV1rMrmDqIYg4hCctfIw-gby1d7Zct0flo_9cOueh6ZpROhTweWOk1T3yu02rhtFh3WlGdT5g4DB06pNEf1XiKt0Lj_Dp5r5I57UOsP234L8yT4AWufSpLv1bKJyHta3&cid=CAQSPABygQiDNqIRrwYvgESkKpVjAqA2RMx3o1Vl8r-0CM0VHnN1Fd0VzQN8eJ5l1qf0KBTtG48-uJN46fa_JRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kriptobi.com%2F&ds=l&xdt=1&iif=1&cor=9154176718488684000&adk=1726166460&idt=183&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4efc4a14ca93184f6bc714835f503e2e016c2d6a926e32734d3d6144b0549fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38457
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame C612 243 KB
73 KB 174ms
37ms Script
application/javascript 34.242.190.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1313850263284619&ias_chanId=1&ias_placementId=19429527826&bidurl=https://www.kriptobi.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLGwIEv8kucokqnZfJBBYX
Requested by: Host: www.kriptobi.com
URL: https://www.kriptobi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.190.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-190-194.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 26326d9d5d768503c954be274d975455269146bba87409af461e46645e297ed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C612 106 KB
37 KB 303ms
16ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Apr 2023 11:15:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/ Frame C612 11 KB
4 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVIs7fFSL-oryy3JRvTYiYeBkGsMLC5BAWPsXwFyItzdM3EmXgLo2VtwmXJf4_jYDVUOJ9RQFQ1IljLlXjrrTkhS_v_54S0_vqiDF4ej9Ybju_jcY1W82FLMaZC5U7GXDmhtE-lLoTzyZcRLzRNo0LstzM9Zci6LF348N0JmIhQ_JoGyo&dbm_d=AKAmf-AdFNz1PBJIOywf7BhyYgHnIe5VWX1WnwiVnicVwstNKUOJFpZ1pHdgtBzZhvfID9SoNbSpUzajQSV_p38hJqe4HFdB9oicas7MXl8EBNet4tURkJo2TyP284L7XWmzpvq8h6N-TLXDGpR0jE0UyXTCOPF0toqR_TfR1iajQw5Iyn3FcjdgE84g9w1hfbsllVR_jAa-t9PJ-vc0YJb1NLop1WrKLC8xo6JTjmQmFoQoT94PwwBkuuVEivlZUmgYWpKqb0eofkNK9-7hiB9jg1WBIVBCPoKgrtmWIkeuAF7MENA5F_eJONHRFkfIEBV0ngFd7OhcGgkqTHT7vWTsnbxAc05X30IT-JxeHhkdhqEpis3rDZzxTp20MsNWZiUqR5XUmZF4I0Zuzi4JT2573nHZmmgXlri19_n5A-0qkHBHSSaq8sdlPYNcVq6culZLJAcHcWQ5mOaI70fWbfB6N_pLjN7hWcwb6N0_Iefc6VQOsvwhFok6cHtEY6rM3OGtwn3qDVIhTdiOTgBFskfdxyhq5eO8fQP3nPfn2c5sfDhykUA_hTkePRo_giBqXC0Fe7DT9U5BVNB3-xoGmQQlnlWDKxllKwC002eJzrEZY9I5qk0gyMb-DyqNjxQEBO82SXLLBjVQqx3fvxhhcskopFc6gxr_3WXT2o_HHg8C70b1gAMtTb4XgiEX28pbZVIa6aCAhkjCZZXn3evXTM2H7Ae-OG88lRUxS0YYlR0kiyua-rAJy3yxenOz_GjuVBGHOzNCdHQXvZuwFAmOU1Az5agEz8uRuCZd_5yWCatl4JvVT0vBTB7oQXz08KUbsmTH97rxskScRc8lkR0Qmph5Az1xEVfcGZpXVpdqf9YnILh137z8-63KJMBogs3bEuCj8VhyKcWe1nURg9aaCsD64c1j7N8YxGAsNLQEUvxnZC-wyaT3Onaw2hQGePyt8ZfLG3dcsejy64i1XtRj4DV9WgUrvOmI6Atkgzu3WsAqrzIXxvIsqeNcl6GXHC5a2Z5gZxjygh5fLD5IIX1W04zAtEwRYTSoYV6uXEjkWI5cg0MVzTC_YILq0rBYYOSwwfcEHKdRn02tSnRYnb31_ELocc1ulxn3175hBdfgid9MTasfGxmQh9QkgTU1m3qwGBZI_tmQFNHCkERUk3jFjdaKIt1F4P1w_LjDWHW2zhCI8_6Dp9TpihT7UCQ7hL5c3CSdN5oGgQ9IWJnUS8HKqIa5dd3uVRgHpi80Mdzx19zbuve-itFsPy2YL2W0ur2bboPAUYp1nHrUxWiPPA3Y9ilxhpQdARAQ94PrYoePxkawV3yW8haP2yy4kRD_ahokDOsIjjWiTsy34zL5TDtjp3Zy4j-u2tZzSCbzCwvDl_A5Wq9WXk_qb55H3_7z7tUTY0yIIHMkPK605uxzTgxHEpYnSDZ8P7XFBDc-nwesC77U-thB8wIuHMZyszClS_rMqMGwYtrhRHZgZhcc9gwWxl6fB1_wVMOfLT6AkCicpfMaKRXz71uwT8_d2OapQJPAH9exysTnRnrBDi9ENLvl1Twdwb0qoklGa9AVDtErhqc7BbtdafUi1cM1kfDm81pw75Y1pXMUal7grTIqyPWS1xWTd-OhWfTgA5jdl25uuciZm5Q_uDIhTaRj4tklWdfjoQxXKCCs7243mcfU_VlOvs6Nf6rReCf_cHy7n98I-wVLuHS4P-9OcP2ONyqRuW4f1ucZF-VLyJxHSzZffaTXkuARHmpNYo4USlUvjC1i3yBHmugubdYz3ampkpgTnt4555G9kDKHa9QqmNnMcuJQQ2HFardshCyGkJK-iVNtp_Fu73m9nvrSR7EvAXBnt_WN1Pl8-wzVAkGNVgwqpDvUrBATMUMl5y1Cp4w55ymRUoVOr0aV7VA1LHlgrOqMoBI0j8cBIdItfIa_OQcq4YvIIBmbXqdHXoNOoQ3jJbK7Mro0zvS9TKzDFQrtW787KvESPa3bx0KOAGiuALjGxTxRdFNCkLnHprSWHRAt27bUNYx0Wv1a6HBub3D4SJqOebGUoop4WEP7x2aNldBnWvFMkTRSi3jr5jfpRZVXeqg-s5K_SBBp2ue-WmXtYxY3r4H7FEZdsv0OC1mCqkXuZMVHJ93Y1sRQvpC5KW4DxyGRfWYrdoKcI6PImr6hND-t9_YXOp-vUOw-Pvd8QmRPiXEaEMWCvpaUSxqyfW28VCxxA2dpB7cxt9SzkyXJ-5o4A2bW2FkclKY41baXSg4J99lepMfvR0GsvRMz8oZRJe8w6LrytbpMOI1LCdMj4oQu408sk9OP3rNqo_mz-Z9rDQg9Np5ToiHw-TOTJHmUdG-qFOof4cGfRlBNBGP6irmY9cIZgzJK_ZX7ccBOpcdcOOsu5wH3lKS9e_9sISvoleEf7LINWk_e7fEeFwIBzFnQIjCc--BLg67VAVtUfFjLYjlkMET0Wtp1HDkd2p7YgcN5KulDUApxQLttchngq1KT7kTh1u8GwZ6rWGf3MlB_hDPttvwNK2kt007C5ooZLmipwlLBX8uc8myrhXJWIhGrFD64_E3M0j-xwKLZDiF4dGOgi-5piyfqtZfKYS2PHwTtOlmN6tPFcZKuQPMYAIyLOEy33jCsOXRG8MDrxVBFNliwe15dVmVvWGpJFRmBeVsDKzwSz_3-CVA6CdmVU-r5_xGttRw1L6HKdbmoJoYN9smdXq6_IsVA725gjpn9ksJ4ffttks9g_4UgRQ-dS6lr_pFP8M-Hr3WO71G2JjnvFXF3fDuSaZ4nBBoqaUT4-l1RwiNyA9EQUDenlU9anw5fnPeNeEK7XiHA9co5EF3K1s2-9b479Ya3dXrjOjUKz-MJLu2JmbbVRMQVxBH-kN3AtySiaF3yBbgVyGHUPF0LAetVwx6CJmDGU3vjdNiFhN3GaIMm44znPamCla7DCSos0BlIttoEpTOG9Vvamm5RuLG7fnDbPOiVUjOnL3d8kSuBukJDZUKVmfNiwucs-4Z3Jxr84jmvk4UuZ5kbT7iNdcqWL7J-1RL73TqNe_CeNb0HdVQbmvZ6wY_9bTIXu7dF0nXgKuWQKN8Lxb31ivqCF2gGFMYq_o1oufMs1mtidO8f2bvYiHTGpVElpLtblKX_pBm3sCG0ogvj-gRoASPO4dsvYw-2q42ZjIMGBmAS2u18LYRRg56TK-uuEJlg5G0gjgNC5ts2PRe2ej_RnkJuDASrKPbIO42F4VX4xS8T2LVJB1KYzBYj550zlfLHL1028KG86vKuXU8QqTnsnV1rMrmDqIYg4hCctfIw-gby1d7Zct0flo_9cOueh6ZpROhTweWOk1T3yu02rhtFh3WlGdT5g4DB06pNEf1XiKt0Lj_Dp5r5I57UOsP234L8yT4AWufSpLv1bKJyHta3&cid=CAQSPABygQiDNqIRrwYvgESkKpVjAqA2RMx3o1Vl8r-0CM0VHnN1Fd0VzQN8eJ5l1qf0KBTtG48-uJN46fa_JRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kriptobi.com%2F&ds=l&xdt=1&iif=1&cor=9154176718488684000&adk=1726166460&idt=183&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 19:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 19:33:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame C612 28 KB
11 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:27:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11036
x-xss-protection: 0
server: cafe
etag: 7166013058933939784
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 12:27:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C612 41 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:12:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 69F8 1 KB
643 B 18ms
17ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Sun, 16 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C612 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df929866fe41ad0f9e1b964f7004fa4915923ba0f78e8979fb51f82093075144

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 69F8 0
104 B 117ms
29ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKJdtbJ6_iH78Vtrc6WUgZo&google_cver=1&google_push=Aer7DvJD16kQY7tXl1YuMNz4Nb6aDPJYUX2pF9ORdMvvyhiOIbS-v55vFkyWzlftUsLt38EbsgSaUhhtAwk9MQgQc6ebPJtfPTfx
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 i.match
a.tribalfusion.com/ Frame 69F8 43 B
440 B 192ms
190ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESECIc03NfliD1JPIdc3Bprcw&google_cver=1&google_push=Aer7DvLxffgs1tjWhX4B_Yf-ggxT64jc9CfKOFFY_89wmVwH5NXxGTjLgauDJ9aMVZd7br5D2yikzDQBYp9bDpZ44LVD3w-Adtas&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLxffgs1tjWhX4B_Yf-ggxT64jc9CfKOFFY_89wmVwH5NXxGTjLgauDJ9aMVZd7br5D2yikzDQBYp9bDpZ44LVD3w-Adtas%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b844b051ea46934-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69F8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFbsk1JNl-d_ZSRKHysrWWk&google_cver=1&google_push=Aer7DvKL-e-XATypP0yQt9AIIPogAxTwujLvaKY2UdOHUwqVG79nGUuuaWQQFLAIYGuxVyv09T2JOjjkNtM2h8p7G6uyH9eNv4op
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEB577C4245949E2B9B47531E82211A6&google_push=Aer7DvKL-e-XATypP0yQt9AIIPogAxTwujLvaKY2UdOHUwqVG79nGUuuaWQQFLAIYGuxVyv09T2JOjjkNtM2h8p...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEB577C4245949E2B9B47531E82211A6&google_push=Aer7DvKL-e-XATypP0yQt9AIIPogAxTwujLvaKY2UdOHUwqVG79nGUuuaWQQFLAIYGuxVyv09T2JOjjkNtM2h8p7G6uyH9eNv4op

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Apr 2023 12:46:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEB577C4245949E2B9B47531E82211A6&google_push=Aer7DvKL-e-XATypP0yQt9AIIPogAxTwujLvaKY2UdOHUwqVG79nGUuuaWQQFLAIYGuxVyv09T2JOjjkNtM2h8p7G6uyH9eNv4op
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 14 Apr 2023 12:46:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69F8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOWnFcGNZzVKFiboUgL0Wwg&google_cver=1&google_push=Aer7DvJ0RZkcYFr20rnraW6YVuIOU9Rp0glBUe4I7djx-WL63g1FgIWo8lHuw0q6rtwLMjVWLw_MpiJ9ykPt7A...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjI1NzI0OTM1NDkwNTc0MA%3D%3D&google_push=Aer7DvJ0RZkcYFr20rnraW6YVuIOU9Rp0glBUe4I7djx-WL63g1FgIWo8lHuw0q6rtwLMjVWLw_MpiJ9ykPt7AoPb9...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjI1NzI0OTM1NDkwNTc0MA%3D%3D&google_push=Aer7DvJ0RZkcYFr20rnraW6YVuIOU9Rp0glBUe4I7djx-WL63g1FgIWo8lHuw0q6rtwLMjVWLw_MpiJ9ykPt7AoPb9wxT_DuVdqzog

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMjI1NzI0OTM1NDkwNTc0MA%3D%3D&google_push=Aer7DvJ0RZkcYFr20rnraW6YVuIOU9Rp0glBUe4I7djx-WL63g1FgIWo8lHuw0q6rtwLMjVWLw_MpiJ9ykPt7AoPb9wxT_DuVdqzog
Date: Sat, 15 Apr 2023 12:46:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69F8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJbRrQkdKt7pYLS40mLC-KE&google_cver=1&google_push=Aer7DvJkz7NFH12U1IzBFSOgG30VNppmkA9yGqCY7PwGuWFGCZOB6XXp08NWhMDsVV-Zrf7m8aov0piOYQr5fB1P...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aFR-07HYT8m1ZSG2SvtG8A2&google_push=Aer7DvJkz7NFH12U1IzBFSOgG30VNppmkA9yGqCY7PwGuWFGCZOB6XXp08NWhMDsVV-Zrf7m8aov0piOYQr5fB1PqiRM2TsVct4Cew

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aFR-07HYT8m1ZSG2SvtG8A2&google_push=Aer7DvJkz7NFH12U1IzBFSOgG30VNppmkA9yGqCY7PwGuWFGCZOB6XXp08NWhMDsVV-Zrf7m8aov0piOYQr5fB1PqiRM2TsVct4Cew

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Apr 2023 12:46:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aFR-07HYT8m1ZSG2SvtG8A2&google_push=Aer7DvJkz7NFH12U1IzBFSOgG30VNppmkA9yGqCY7PwGuWFGCZOB6XXp08NWhMDsVV-Zrf7m8aov0piOYQr5fB1PqiRM2TsVct4Cew
x-host: tde-deliveryengine-production-64c8469d98-5p9br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69F8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPwyrAZ-10GS9_QW20_F0G8&google_cver=1&google_push=Aer7DvLB7o0QzTk9AbKF7nC_w4SpCMfpIth-se2MbJJ91fKHJrGXWtZgnThv6t4d2dxcXgDKQFtnQJms...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgyOTQ1MjMwNjE5NzI1MzAy&google_push=Aer7DvLB7o0QzTk9AbKF7nC_w4SpCMfpIth-se2MbJJ91fKHJrGXWtZgnThv6t4d2dxcXgDKQFtnQJms...

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgyOTQ1MjMwNjE5NzI1MzAy&google_push=Aer7DvLB7o0QzTk9AbKF7nC_w4SpCMfpIth-se2MbJJ91fKHJrGXWtZgnThv6t4d2dxcXgDKQFtnQJms2lnNKPXHto0m1b3SyGikLw

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgyOTQ1MjMwNjE5NzI1MzAy&google_push=Aer7DvLB7o0QzTk9AbKF7nC_w4SpCMfpIth-se2MbJJ91fKHJrGXWtZgnThv6t4d2dxcXgDKQFtnQJms2lnNKPXHto0m1b3SyGikLw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 69F8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELqHN1KqAdnsR7shYHG0bJ4&google_cver=1&google_push=Aer7DvJ05PBLNiKdNNzLZ8XfKwMa1Er7eSpfrBc3y1VBvSfKFkCscrc4VaLwA8SAHewibxsvOXM...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdIWjJSTVMtMjUtMVFHNQ==&google_push=Aer7DvJ05PBLNiKdNNzLZ8XfKwMa1Er7eSpfrBc3y1VBvSfKFkCscrc4VaLwA8SAHewibxsvOXMM_Xtha2P9Sp8WIJ_8ncTbvfVN

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdIWjJSTVMtMjUtMVFHNQ==&google_push=Aer7DvJ05PBLNiKdNNzLZ8XfKwMa1Er7eSpfrBc3y1VBvSfKFkCscrc4VaLwA8SAHewibxsvOXMM_Xtha2P9Sp8WIJ_8ncTbvfVN

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdIWjJSTVMtMjUtMVFHNQ==&google_push=Aer7DvJ05PBLNiKdNNzLZ8XfKwMa1Er7eSpfrBc3y1VBvSfKFkCscrc4VaLwA8SAHewibxsvOXMM_Xtha2P9Sp8WIJ_8ncTbvfVN
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 69F8 0
12 B 28ms
27ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3wGdcFvMI0L-zXUT0MH-cSr1RzG40jR685Pm6pdPDtLVlnOmTqvwnnthTO1IKRg2Z9u-W

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8403 22 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 66818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 18:13:06 GMT
expires: Sat, 13 Apr 2024 18:13:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame 8403 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:59:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8403 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKWWDs5w6ZIK8N_-Ax_APgPaZoA8AAAAAOAHgBAI&bg=!9Pel96PNAAZA7GLoYOw7ADkAdvg8Wn1pFxoL-x3gfB7lH9A8q4yNOFfV72wW8vy7rKffNRdtXsY8pZXUAN0xIxTuMxaa4Ev4MvgCAAAAUFIAAAACaAEHmQNCGwc_VZyS9by3frM_-ZpvOdXN9doVRJ8447CuMZgjjjj2lFT9wKiZecKJQEx4M5-bPm8UCAxxsgGZM7HNkfTQ-VZwxzfxdqc3bm8zmAJ6L1i4GyATMItWpcMvbzp0arz0YEBOg49OyHsh6GjjI8laAWUdsiA1jAbVH-1KeE9U2yvS-Bsnjp2yfYIYn5GBjbz4eQn7Hw2dVm5mYU1UM7TN35dbNIgSLMvp3B41mQ_qjV_YxHcAdbh9klsM3H5WHY9J_IT2MiBqXP78M6psHZSLDZMJcuk7t7RxO_TUq7-pCVOeg-D6EibRisC1Op0g9EVKngRwK8cWNOLHvkDCrP2iHMKHc7y8yu6XbJ07Yt5k5rl3FJ8juX-EMwd_KFyCVNTJM8fDKt7YdNp1Z65vBVcsyAcnHZMq1n_5hcY-Si_nVjoxCxqTMULZT-JU8PwDu6knBouIDsy2pbylCBUgj1mtrRhpVqloV46w4KqA_LavWv5RDfLLxrL-sK1gZSh7F-BmwH6DSFUe49_iDtuKeNy6v9XMFwnPkuSfR24H5HuA1ng1Lw21sgzo63Aku7ABhHzVJsjuwcuaCJKGOTOrZXwD6huEy09B-w1pV7zIk_VEEiZh9zVznW9Mhv39YGs3FnEyi554-llQCNpHpJmHCj8G3odrurablCqemH1_Dcbp4siYCdfsko-hiRPZxX5Fb7PgpTYKo7eGMOCetfuhecpiCJ20QIg8y5Z6R2qPk-mKGykEpil-PUsOzYZoCESf7BiuUksrvpqwglhCCOnIRQwzDBaRs3yC7j6xEXBqJrmwJRx-9OvDTCqCky8HdsCZfct7bJFm6mHVL4HOQ6y___i1Ag4msxKEYz9aNq_i8TgcGLAvkYapz4stKfilBDqszsPCHikf2b4Z6KAtwmIIIPNTghZe1IErBNxxCP5EYi04VWYBIh1ymFTqF98HmCKeiAZwt7_bwZpRwZoznv0Ih1mNZO839PXQsMywSA7ocJGlO-xL3OS7EyKWl18G8fOOutIgOQYyGM3lcKn7D3m1RHJs_uqtI6d-uIMf4PUIHvBPRIzVPkISCIWlebgaMHu0jbg94e9YiQxriqBhcQBwBnqaYD9W

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame C612
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1313850263284619&ias_chanId=1&ias_placementId=19429527826&bidurl=https://www.kriptobi.com/...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

85ms
55ms

Script
application/javascript

2600:9000:2127:9600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Protocol: H2
Server: 2600:9000:2127:9600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 07:46:37 GMT
x-amz-version-id: ml8sLXd95uD59cm.BnrTx99uclgxfFZ2
content-encoding: gzip
via: 1.1 65dc50162b685d34f2ac712298bb090c.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 536408
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:33 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: r_1wZuEBxmz_TXbq6XjE21WxcueT3CiAHMvIc0Pn6iCkCqxhrnQVqQ==

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: nginx
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2C89 91 KB
92 KB 91ms
24ms Script
application/javascript 2600:9000:2127:9600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:38:18 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 65dc50162b685d34f2ac712298bb090c.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3236906
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: bA2mfwLRtfxY_vnja-4eOJukm0yQ-G4zMcJ9MGVLEvFPGcVJf1sYeQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C612 43 B
224 B 572ms
172ms Image
image/gif 2600:1f13:800:7781:274e:86ad:6bbc:9169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3228ae73-e750-ea8e-6a39-a8fa96512430&tv=%7Bc:9RdGQf,pingTime:-3,time:45,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tBv49OW+11%7C12%7C131%7C141%7C142%7C151%7C152%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C1711%7C1712,idMap:161*,rmeas:1,rend:0,renddet:svg.us,siq:20%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:274e:86ad:6bbc:9169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: nginx
x-server-name: ip-10-48-11-254.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C612 43 B
222 B 572ms
175ms Image
image/gif 2600:1f13:800:7781:274e:86ad:6bbc:9169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3228ae73-e750-ea8e-6a39-a8fa96512430&tv=%7Bc:9RdGQh,pingTime:-6,time:47,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:47,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tBv49OW+11%7C12%7C131%7C141%7C142%7C151%7C152%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C1711%7C1712,idMap:161*,rmeas:1,rend:0,renddet:svg.us,siq:20%7D&tpiLookup=ao:www.kriptobi.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:274e:86ad:6bbc:9169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: nginx
x-server-name: ip-10-48-4-159.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C612 43 B
222 B 569ms
174ms Image
image/gif 2600:1f13:800:7781:274e:86ad:6bbc:9169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3228ae73-e750-ea8e-6a39-a8fa96512430&tv=%7Bc:9RdGQl,pingTime:-2,time:51,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:529,beZ:531,mfA:534,cmA:535,inA:536,inZ:540,prA:540,prZ:545,si:549,poA:550,poZ:569,cmZ:569,mfZ:569,loA:576,loZ:579,ltA:580,ltZ:580%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tBv49OW+11%7C12%7C131%7C141%7C142%7C151%7C152%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C1711%7C1712,idMap:161*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:20,sinceFw:29,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:274e:86ad:6bbc:9169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: nginx
x-server-name: ip-10-48-1-176.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 3A40 142 KB
22 KB 46ms
14ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 31617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:59:47 GMT
expires: Sun, 14 Apr 2024 03:59:47 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C612 0
0 118ms
59ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGH5-YQrlA28rW1EGHKUGd683_9UJOGYjC4JwgKz9Iu-9EZGG-qG-SwI6Sbsw9OsaAU3JILjmm18duXF-G8vmLjcRkMlqPtrVk6r1QrdUl18LNLyxCjM2NxBtrp0rug9cuqriCFBw5ZUj_-UnvVAm6YzEzsaUZqU1YPl7RqFdBPFV6ydXZRSBLwhTbBjXKup3M6sgXVEClLjTkwn6v7rxu8CEo1G9Fk_-lFZTAG5T3_rGUgYPy2Qs9WdqS5ny_G--SN3Sgu7e2Yg-VEx1Mu2dGVi6a4lvIw4OgEymHRdYGaFxk4CXKGsQXB41KLLVm1epi09jW_SSM1Iby09i7CVBw0-nEW8R084z_SRFPXXPc9L8OWGOboLiySXoNiJ16QsWeR35ZPwe4HRhGOAPZQZMzFg1uvTSR-aGqh0vwcwEfXkjtUePFpNfWZuB0ndEaW25MzHo2YM2xM6ByzSC65d3MWct4VzZ97r56aYb0kfjxS6fehwu8aButNLng3F0y14o_bZ1s-xWVe4ID5_lSBHF8Dw5mbURyju1JSPc9huI6GEw6VdvVwXa0XltzwFA6Nf5zrBQPD3ntrxob7dJ-4G401DD3n9fMDa-Mhq64OP8PsWZDCR_6MR9Euc2H8RkCCdVNPY7ww-nJjIex6wCQHGZNfiOu94izYOr1x7axD2_6argOk8iX33mix8Ly01TbdQg-Dg3E1MuKLg6i1SbwdozVVAv0P5PnN7YBkzSdqVOQB8zAWi_RZt1L1V5sri4G1IscwWPppStdtscw8ZNhMQ2S8N80Vj_Xpto52jdCv3i7wjhzXmAKQHOqPlMP512cq2o28Qqx5kzIeOoZlmJLdxysfKB9O8KPigB28DhTs74BXgPzdfAXVTUPpDL-5Cnc1SYexqOtT-U4hnk_uFq47zCPK_ghmCe4SVP47Lsqp451i-ETGvvGxEbuYPY3vO3JN4prgCgfS4zRLwR70Zeqgrb0OhCo55ekCSw0Z9K0HUVwbshl0MZ_hQ2IQ-BgHoEX_dU8Eq5AIX8EGEtgptKU-PXuxqTXBw6QzG7jWlKS2t45WXecW9T9dyivmm7hHHTIsxUjInsOZPItZAGNtBGWMGA15dsuqJzyVYDKRRS1G4ygBPJE_wJpQ-kEx9v7tQeSgbmVzwvNjiqece4uugTFWXL8uGFP5X8EvL4MR5aB4zkbPExbDIL6gxAUWyZzVSm7MEZoNl5IzOhMpoG1xEpeapxXFRliognRwzdw9NZyKvN3Pmf8mZ-2qmDlZnYcvg&sai=AMfl-YSLIB1utSNcWDTHk8a4rsMJPSJvJnYWHKzIriJZP2AmXxzJ6I3QQUKZXpYJGfojF7LsDvjO_r5u1rRFFy5cBNcQihi2GGdOxsqdkFli_xfZ9uueq3nV49OgFU268AMwUT2tZGT0uNa2CQBERjBwb3U-9cFYYN9inNMDzv6h4ihRHgwEK8Rylkvd9HV-I9Y6B-7qAcUnvp1oZwEXWKAXlGZbguY4A24h_K22uFI4KQRwqltJzx3AwokUMWiByX_Aw4Yzz0o&sig=Cg0ArKJSzOuPLfmovDQREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=336&cbvp=1&cstd=332&cisv=r20230412.65053&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Apr 2023 12:46:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:46:44 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 3A40 29 KB
10 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 16:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 16:34:21 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C612 0
0 53ms
53ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGH5-YQrlA28rW1EGHKUGd683_9UJOGYjC4JwgKz9Iu-9EZGG-qG-SwI6Sbsw9OsaAU3JILjmm18duXF-G8vmLjcRkMlqPtrVk6r1QrdUl18LNLyxCjM2NxBtrp0rug9cuqriCFBw5ZUj_-UnvVAm6YzEzsaUZqU1YPl7RqFdBPFV6ydXZRSBLwhTbBjXKup3M6sgXVEClLjTkwn6v7rxu8CEo1G9Fk_-lFZTAG5T3_rGUgYPy2Qs9WdqS5ny_G--SN3Sgu7e2Yg-VEx1Mu2dGVi6a4lvIw4OgEymHRdYGaFxk4CXKGsQXB41KLLVm1epi09jW_SSM1Iby09i7CVBw0-nEW8R084z_SRFPXXPc9L8OWGOboLiySXoNiJ16QsWeR35ZPwe4HRhGOAPZQZMzFg1uvTSR-aGqh0vwcwEfXkjtUePFpNfWZuB0ndEaW25MzHo2YM2xM6ByzSC65d3MWct4VzZ97r56aYb0kfjxS6fehwu8aButNLng3F0y14o_bZ1s-xWVe4ID5_lSBHF8Dw5mbURyju1JSPc9huI6GEw6VdvVwXa0XltzwFA6Nf5zrBQPD3ntrxob7dJ-4G401DD3n9fMDa-Mhq64OP8PsWZDCR_6MR9Euc2H8RkCCdVNPY7ww-nJjIex6wCQHGZNfiOu94izYOr1x7axD2_6argOk8iX33mix8Ly01TbdQg-Dg3E1MuKLg6i1SbwdozVVAv0P5PnN7YBkzSdqVOQB8zAWi_RZt1L1V5sri4G1IscwWPppStdtscw8ZNhMQ2S8N80Vj_Xpto52jdCv3i7wjhzXmAKQHOqPlMP512cq2o28Qqx5kzIeOoZlmJLdxysfKB9O8KPigB28DhTs74BXgPzdfAXVTUPpDL-5Cnc1SYexqOtT-U4hnk_uFq47zCPK_ghmCe4SVP47Lsqp451i-ETGvvGxEbuYPY3vO3JN4prgCgfS4zRLwR70Zeqgrb0OhCo55ekCSw0Z9K0HUVwbshl0MZ_hQ2IQ-BgHoEX_dU8Eq5AIX8EGEtgptKU-PXuxqTXBw6QzG7jWlKS2t45WXecW9T9dyivmm7hHHTIsxUjInsOZPItZAGNtBGWMGA15dsuqJzyVYDKRRS1G4ygBPJE_wJpQ-kEx9v7tQeSgbmVzwvNjiqece4uugTFWXL8uGFP5X8EvL4MR5aB4zkbPExbDIL6gxAUWyZzVSm7MEZoNl5IzOhMpoG1xEpeapxXFRliognRwzdw9NZyKvN3Pmf8mZ-2qmDlZnYcvg&sai=AMfl-YSLIB1utSNcWDTHk8a4rsMJPSJvJnYWHKzIriJZP2AmXxzJ6I3QQUKZXpYJGfojF7LsDvjO_r5u1rRFFy5cBNcQihi2GGdOxsqdkFli_xfZ9uueq3nV49OgFU268AMwUT2tZGT0uNa2CQBERjBwb3U-9cFYYN9inNMDzv6h4ihRHgwEK8Rylkvd9HV-I9Y6B-7qAcUnvp1oZwEXWKAXlGZbguY4A24h_K22uFI4KQRwqltJzx3AwokUMWiByX_Aw4Yzz0o&sig=Cg0ArKJSzOuPLfmovDQREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=417&vt=11&dtpt=81&dett=3&cstd=332&cisv=r20230412.65053&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kriptobi.com
URL: https://www.kriptobi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Apr 2023 12:46:44 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 3A40 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 12:53:09 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 3A40 4 KB
2 KB 17ms
16ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 12:57:29 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 3A40 11 KB
3 KB 17ms
16ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 12:57:08 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 3A40 4 KB
2 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 12:49:31 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 3A40 6 KB
2 KB 24ms
24ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 12:49:11 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 3A40 38 KB
38 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:40:33 GMT
x-content-type-options: nosniff
age: 371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 12:55:33 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C66C 42 B
174 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvw1xdncS6u1xarzniXyaX_teCsv6s2uzcv19l63EJl_rJpzxIg6ETAn6T3gDbgp_OcZVzMk_UmSgZgPqJ1VMgC5RblQeuE2wmwB_J04NAYQbjC6E26Mvlm8qCT_IQt7gEapzCO2A&sai=AMfl-YT0_yTGKIAV99HoABUNzLbtFnSa00OQ-napXvovh4ItZXdIQOpoIQbWhWpj3RjQH91oQf55IrCj8Azn&sig=Cg0ArKJSzLxUT56PEIc7EAE&cid=CAQSGwBygQiDCqCAxRT8oveIm_UBLFIQiYnyWHIvJhgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681562802084&rpt=1351&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C612 43 B
215 B 173ms
173ms Image
image/gif 2600:1f13:800:7781:274e:86ad:6bbc:9169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3228ae73-e750-ea8e-6a39-a8fa96512430&tv=%7Bc:9RdGWN,pingTime:-10,time:451,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS40OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1681562804652%7C%7C3b0f60cac0768f31331e86abe812a6a7%7C%7Cdfcb286d4e51c7f962b51496412cef83%7C%7Cf74168aec0ac8a83a4864c7c6f44fc52%7C%7C91d0633e6aa43a0c5e311a60ce332e97%7C%7C1af8c78248a89d493f4869683a802f5d%7C%7C122fad48919701bfb7976d667588f517%7C%7C9b18bcaad4c7e3650d4b502e38d28cc5%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1313850263284619&output=html&h=280&adk=808466392&adf=1649704010&pi=t.aa~a.3111939286~rp.2&w=450&fwrn=4&fwrnh=100&lmt=1681562802&rafmt=1&to=qs&pwprc=3557328243&format=450x280&url=https%3A%2F%2Fwww.kriptobi.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681562802766&bpp=1&bdt=1906&idt=1&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd22aafe81fb0a66c-2299a61291dd005d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q&gpic=UID%3D00000bd6804a9a1d%3AT%3D1681562802%3ART%3D1681562802%3AS%3DALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8159805992336&frm=20&pv=1&ga_vid=1132074045.1681562802&ga_sid=1681562802&ga_hid=601787302&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1059&ady=3875&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C42532185%2C44759842%2C42532089%2C31073806%2C44788442%2C21065724&oid=2&pvsid=240041507209864&tmod=1622832237&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qOOucpAufo&p=https%3A//www.kriptobi.com&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:274e:86ad:6bbc:9169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 72ms
72ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acbcc62bcbf7c5fc5397167093acf3fac25d5ea9166d48b3c5f5aef06c9b19a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11307
x-xss-protection: 0

GET
H2 200 logo.png
www.kriptobi.com/wp-content/uploads/2019/10/ 78 KB
79 KB 46ms
46ms Image
image/png 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2019/10/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: ff4a14286b656a8e522f75009911e3fa1c31a87ef4be5bccf54aab32dcf5c97f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
last-modified: Sat, 12 Oct 2019 18:11:45 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 80302
expires: Sat, 22 Apr 2023 12:46:42 GMT

GET
H2 200 cropped-hb-image11.jpg
www.kriptobi.com/wp-content/uploads/2019/11/ 94 KB
94 KB 122ms
121ms Image
image/jpeg 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2019/11/cropped-hb-image11.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 6f8e9bc344e4a1765ca51141bd14ce1f425cf970c6a23e0c19cd64c83aea26f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
last-modified: Wed, 06 Nov 2019 21:36:41 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 96366
expires: Sat, 22 Apr 2023 12:46:42 GMT

GET
H2 200 f1671ee046b07df2b19b1b241c90df9e.png
www.kriptobi.com/wp-content/uploads/2019/11/ 11 KB
11 KB 165ms
164ms Image
image/png 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2019/11/f1671ee046b07df2b19b1b241c90df9e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: b921ddc652789b4efb5efba0ee08d719189575af63bb314f7d15b6c5ecfcad01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
last-modified: Fri, 01 Nov 2019 16:08:18 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11200
expires: Sat, 22 Apr 2023 12:46:42 GMT

GET
H2 200 leather-3080553_640.jpg
www.kriptobi.com/wp-content/uploads/2019/10/ 88 KB
89 KB 166ms
165ms Image
image/jpeg 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2019/10/leather-3080553_640.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 853f96d87457289e2713e674c49cab268fbebd73a25e57aaac73264851e26f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
last-modified: Thu, 31 Oct 2019 11:42:25 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 90617
expires: Sat, 22 Apr 2023 12:46:42 GMT

GET
H2 200 o3swap-760x450.png
www.kriptobi.com/wp-content/uploads/2021/05/ 359 KB
360 KB 267ms
266ms Image
image/png 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2021/05/o3swap-760x450.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 8a38f586da0eeb24a79b43449d29a03337f2a1b1a206a96923c198b248ace703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
last-modified: Thu, 13 May 2021 17:17:32 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 367950
expires: Sat, 22 Apr 2023 12:46:42 GMT

GET
H2 200 best_bitcoin_btc_desktop_wallpaper_2-760x450.jpg
www.kriptobi.com/wp-content/uploads/2021/04/ 26 KB
26 KB 165ms
165ms Image
image/jpeg 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2021/04/best_bitcoin_btc_desktop_wallpaper_2-760x450.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 16b7023171c0f44fb50e3c5512ef841931f6901c9d87afedb6e86c49833411f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
last-modified: Thu, 29 Apr 2021 09:39:37 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26501
expires: Sat, 22 Apr 2023 12:46:42 GMT

GET
H2 200 unnamed.jpg
www.kriptobi.com/wp-content/uploads/2021/04/ 61 KB
62 KB 146ms
146ms Image
image/jpeg 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2021/04/unnamed.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 8745adfd0982b4f22e58c07def8b280276b4fcd58ec457a8ee455e8a1d473ee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
last-modified: Tue, 13 Apr 2021 19:17:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 62952
expires: Sat, 22 Apr 2023 12:46:42 GMT

GET
H2 200 eth-760x450.png
www.kriptobi.com/wp-content/uploads/2021/05/ 302 KB
302 KB 130ms
130ms Image
image/png 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2021/05/eth-760x450.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 6388c572ce340c0558bef35bc3143d9f70c874f8da01ee3b10f313db38d02109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
last-modified: Mon, 10 May 2021 09:01:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 309283
expires: Sat, 22 Apr 2023 12:46:42 GMT

GET
H2 200 1-760x448.jpg
www.kriptobi.com/wp-content/uploads/2021/05/ 67 KB
67 KB 131ms
130ms Image
image/jpeg 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2021/05/1-760x448.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 44aafb041b585e71f599786e7f8f78a9d3af62a1eb617046cc3ca6e8ae457b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:42 GMT
last-modified: Mon, 10 May 2021 08:56:53 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 68933
expires: Sat, 22 Apr 2023 12:46:42 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C612 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7781:274e:86ad:6bbc:9169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3228ae73-e750-ea8e-6a39-a8fa96512430&tv=%7Bc:9RdH0a,time:660,type:e,im:%7Bpci:%7Btdr:613%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:660,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B651~0%5D,as:%5B651~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:176,fm:tBv49OW+11%7C12%7C131%7C141%7C142%7C151%7C152%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C1711%7C1712,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:168%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:274e:86ad:6bbc:9169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:44 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 12:46:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12F0 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kriptobi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 10:09:42 GMT
expires: Sun, 14 Apr 2024 10:09:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6CCE 783 B
535 B 25ms
24ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b80f19291b3c8826c41ffda1c698310c1afb9e474f54bdc5d30ad9b6674b333

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FCf4f_-T14eUmi3FUDvS3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kriptobi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-FCf4f_-T14eUmi3FUDvS3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 12:46:44 GMT
expires: Sat, 15 Apr 2023 12:46:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6CCE 0
0 49ms
49ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=240041507209864&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame 12F0 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:59:33 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 12F0 0
12 B 15ms
14ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?E7VuUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 analysis-680572_640-640x450.jpg
www.kriptobi.com/wp-content/uploads/2019/10/ 102 KB
102 KB 95ms
94ms Image
image/jpeg 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2019/10/analysis-680572_640-640x450.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 6ff18b185d8ed1bf1a60d09c8fef4801d9fcb5cbba696803796812f6c2f87e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
last-modified: Tue, 29 Oct 2019 12:09:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 104096
expires: Sat, 22 Apr 2023 12:46:43 GMT

GET
H2 200 bitcoin-blockchain-760x440.jpg
www.kriptobi.com/wp-content/uploads/2021/04/ 78 KB
78 KB 128ms
128ms Image
image/jpeg 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2021/04/bitcoin-blockchain-760x440.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 108e1a196e0b05876cfee978078e2eec2f3737b2290a97aedded03514e60cfe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
last-modified: Tue, 06 Apr 2021 11:22:41 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 79685
expires: Sat, 22 Apr 2023 12:46:43 GMT

GET
H2 200 1-760x448.jpg
www.kriptobi.com/wp-content/uploads/2021/05/ 67 KB
67 KB 56ms
56ms Image
image/jpeg 176.53.35.152
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kriptobi.com/wp-content/uploads/2021/05/1-760x448.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.53.35.152 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 1527qmof7.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 44aafb041b585e71f599786e7f8f78a9d3af62a1eb617046cc3ca6e8ae457b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 12:46:43 GMT
last-modified: Mon, 10 May 2021 08:56:53 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 68933
expires: Sat, 22 Apr 2023 12:46:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=240041507209864&bg=!RUalRhLNAAZA7GLoYOw7ADkAdvg8WswuM1Yx7KokWmSgnJtBEnbOxKOxN7pPgrOA3Ntc4ciGfBv4vMMEJsDLamy3mnZTEkXXW8sCAAAAV1IAAAAEaAEHmQLXoDSRUSDatnfU1nQONPprjJhD4laFeTl3CDSMaNYBsqZqLTW3kFi3svcXmUyGrH7LRPStnqxk-6eiVh1sE99uAWyAZfURGvqri8JcrtCPOa2l_G9eL_taEK0YXMj6DzmNL6dTD-n3ufJr_ZxnYhahhzpSTVePYYGA0i5SW0sKSwVzTx5CBXQ1UZrPPxng-kFHECHESJQwVSoIa6hNO1z4DM0-7Mb8_0_3_xCYa5TPHfpAxhzNiRRGibl8wMxM_4rpNLkl1hDrZ2LmQPfGzb2RXeGmJv3uI4Qw4S-qhGpZPqt0cXD7waH7SaB051nLh48I-vNsW7jCOu7JS1q1c8y9dKc7sMD8K2weRicgSq7Wsph5GAmTFGswEYaOaMdTOK6xBqLpWwJNVeYxwUlN4Ibkard_TdrXiJn1KcwyMPKwC-6c9XJVkm3hIeftk7wUSWEiaINMB5hEZKqthfx9q6BACJV3zae-PJOvtYUzAkaJpAM8vg84y2Rx-ppGSBDckWyp-t5njKwk1fOvULWt_WeKlXyfcOmoedQXx1qYF3JDeXLxXBteJvJ0Xbl1MOp7D7B7SM6BaelPId-0YlVks3yGP5247xtwsGYrNVqRrIbr0t8WxczXjj-I2aWLAOfambhCe9oIlL53I_Zy6hHx2VN93p-QmilNvRv1nnItFKEEfMHYy5Aj-8-wZgB5ZG0CzhhPEkje1ZkocVpqlzrQ5IlJulaB1MkTvpz65YeaK4B-bqETjHZwtVQZVEyGYN_qI1udEx14nJRrsb9iRW7LHYyYTMOpWteP56FbmbcXHRGlyomsbSMszzah0u7B29hraPNdY2_LgijxcCODqoLvgpC1jXF37yczgLb-U5uLcZyBIBKbF-Kqc6a4R7q6TGRt9OeZonudXpKnXicsYbYSCI_G3C8Oc6c3ixaxzQBitdkIEZqpexQy1nR6rbQzXL383dT9ooblarBtbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kriptobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C612 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5762212515549&version=m202301230201&ct=76&x=1&cor=9154176718488684000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 12:46:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kriptobi.com/	1970-01-20 20:42:02	Name: _ga_4EGCEX1B42 Value: GS1.1.1681562801.1.0.1681562801.0.0.0
.kriptobi.com/	1970-01-20 20:42:02	Name: _ga Value: GA1.2.1132074045.1681562802
.kriptobi.com/	1970-01-20 11:07:29	Name: _gid Value: GA1.2.463766507.1681562802
.kriptobi.com/	1970-01-20 11:06:02	Name: _gat_gtag_UA_90602782_3 Value: 1
.kriptobi.com/	1970-01-20 20:27:38	Name: __gads Value: ID=d22aafe81fb0a66c-2299a61291dd005d:T=1681562802:RT=1681562802:S=ALNI_MZQBr8WGbln-V7JyHH-jIu-PuQc_Q
.kriptobi.com/	1970-01-20 20:27:38	Name: __gpi Value: UID=00000bd6804a9a1d:T=1681562802:RT=1681562802:S=ALNI_Mb28WwxqoiV7HAMwfyAuq_ZY_zJ-A
.doubleclick.net/	1970-01-20 11:06:06	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 19:51:38	Name: CMID Value: ZDqcs6Z98k-7hQ5MLlOc0wAA
.casalemedia.com/	1970-01-20 13:15:38	Name: CMPS Value: 5234
.casalemedia.com/	1970-01-20 13:15:38	Name: CMPRO Value: 5234
.adform.net/	1970-01-20 11:49:14	Name: C Value: 1
.doubleclick.net/	1970-01-20 20:27:38	Name: IDE Value: AHWqTUm5tLKN1DHEF36lEBreB-6hBE8GLh6qFO59w1vPOFO495XDiMbdWzoTSxVZ8HE
.de17a.com/	1970-01-20 19:44:26	Name: guid Value: 1.3454393487336103357
.adform.net/	1970-01-20 12:32:26	Name: uid Value: 382945230619725302
.everesttech.net/	1970-01-20 19:51:38	Name: everest_g_v2 Value: g_surferid~ZDqcswAAAPhrwwAn
.pubmatic.com/	1970-01-20 11:07:29	Name: KTPCACOOKIE Value: YES
.simpli.fi/	1970-01-20 19:53:05	Name: suid Value: DEB577C4245949E2B9B47531E82211A6
.travelaudience.com/	1970-01-20 20:36:17	Name: _tracker Value: %7B%22UUID%22%3A%2268547ED3-B1D8-4FC9-B565-21B64AFB46F0%22%7D
.pubmatic.com/	1970-01-20 19:51:38	Name: KADUSERCOOKIE Value: 284041E1-EB14-44B8-B218-78DE4F3FB55F
.bidswitch.net/	1970-01-20 19:51:38	Name: tuuid Value: e0158978-8f0f-417e-876b-6ecb5748c54d
.bidswitch.net/	1970-01-20 19:51:38	Name: c Value: 1681562803
.bidswitch.net/	1970-01-20 19:51:38	Name: tuuid_lu Value: 1681562803
.bidswitch.net/	1970-01-20 11:06:03	Name: google_push Value: Aer7DvKysM476Ek6Y6fnsBsWv9FUf8l96Ry2pvA2xOC9_e3bnghRYL6tL4axRc0kOQiwEQBFvqByCNzvfoPDJf4AvsCdJaZZYA_IDPA
.yahoo.com/	1970-01-20 19:52:00	Name: A3 Value: d=AQABBLOcOmQCEGPjFSh89Ys5BzjO-je9SAoFEgEBAQHuO2REZAAAAAAA_eMAAA&S=AQAAAuuT5gKAEE7O9oY_Y7sQMDU
.innovid.com/	1970-01-20 13:15:38	Name: uuid Value: 7f0e35db-17f8-4bd5-81eb-b29385cb5e96-20230415 08:46:43
.adnxs.com/	1970-01-20 13:15:38	Name: uuid2 Value: 2522877144548909306
.adnxs.com/	1970-01-20 13:15:38	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In>j!:l8!]tbPl1M>e)ZlrFUfJ+tGXxomCFk#s@5x3!U`frq:tf+lJ*GFA^NF>p^<7I<3If)y3KL9D3I?-%l+!hn
ads.travelaudience.com/	1970-01-20 20:36:17	Name: _tracker Value: %7B%22UUID%22%3A%2268547ED3-B1D8-4FC9-B565-21B64AFB46F0%22%7D
.adfarm1.adition.com/	1970-01-20 13:15:38	Name: UserID1 Value: 7222257249354905740
.tribalfusion.com/	1970-01-20 13:15:38	Name: ANON_ID Value: aNnu7qyg6AbrA7u8QCkueIcQI7HS4FVoHCsFy0hUo3n2v62ULtoH88PT6TYudohmpLvxayxr7xpq1ZaplQeawANWlavy0I8WU6IZaEmW5F

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAer7DvLImhJrbROKwec8mLinEejNfJhzY2c2--DRW1HFr8gwUDjySxRB5TGz_zVUB-xEJ-4TtSCyI94NxwW_ONHP4MG8y8nPYxMYGmE&google_gid=CAESENP9c9qa-BMRIYvjggKLgjs&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
kriptobi.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync-tm.everesttech.net
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kriptobi.com
x.bidswitch.net
142.250.185.162
151.101.2.49
176.53.35.152
185.64.189.115
185.80.39.216
185.83.142.19
2001:4860:4802:34::36
213.155.156.165
2600:1f13:800:7781:274e:86ad:6bbc:9169
2600:9000:2127:9600:8:48e:53c0:93a1
2606:4700::6812:19ad
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a02:fa8:8806:20::2010
2a05:d018:d29:3602:ea30:652:4665:4067
2a05:d01c:1d8:8101:a62a:a2db:d81b:4039
34.242.190.194
34.91.62.186
35.190.0.66
35.227.252.103
35.244.174.68
37.157.2.239
51.89.9.252
52.29.82.113
69.173.144.138
85.114.159.118
015c66593c8d3c2732a7eb33a0fdb0ba6cbf6d0aa71bbf3e839285b51573b7a8
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
0472aae54f8e9ab5de8d211d2e1e9108807fb51bef0ea21ef13b60e1a4a8f17c
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
055c5a657d1fd027e2c279715ee0f4efb221be58ff4c97b9c7e3e0ba075f9776
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
06e7cfc33099ad5ee212809eba92a05111f953f6da171cca9b1c07a5dec736bc
077d26b1a58dd6c282fa6e15c00699a6c303a65f40e32c13da3755c53330e6d1
0b80f19291b3c8826c41ffda1c698310c1afb9e474f54bdc5d30ad9b6674b333
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec59046d0954124ebc1efd8fa4b3bef7db20538fcbf4058c48f22d3bba7c299
108e1a196e0b05876cfee978078e2eec2f3737b2290a97aedded03514e60cfe9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15ab541fac7b5f133143d54d212bb6cc2727b5aa62439073d9a712228758d0de
16b7023171c0f44fb50e3c5512ef841931f6901c9d87afedb6e86c49833411f6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1828b1e1234a828c768d1b455b413687aa8c430195f96918a176c6396f1f153b
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1e12a7bc146f528a7b78318928877040671a8f4135d9f132b07174c3278e6021
1f8d60140a00561564748525ee1cbf3f7d7b87e7db087c57d73b660684837c03
1fcb0e18366ca0b4e62cd6f7297bcad640be8a77c287b4df1091cbc81bce3248
26326d9d5d768503c954be274d975455269146bba87409af461e46645e297ed7
26e2631bbb158bd94d0590b31eec0ee3a5f91dab6dd34d2b09047aa9d4ba44d4
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
281ca3f0c83453a58a26b3746f2f5edc3df17fca9295c2c26730c95875c61751
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2af5b88d4bf91f911cd8ea751af807706291a5cdfe77bf59fddf04f24730f6da
2d408b3407069eccc933306dcd72b68ff95b8455af8645256ef2049c605f4d65
2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4
2ffc81a66c376b42675c1b89737812ce8991df856ddbe9e59f9e745e44754c0f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
347dfcb13df666d68a6ebcc1d6e2752f4246787423c2d5d66cabc649bbf34fa2
35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2
3e9d07ebb7ea3f8e5c5568fa3b4e81d5b93aacfd93cc05192a30c0438039d349
4465bf082ee3b60a8bb23aa6cd79239f51fb18fad2f3c2f363a05779d08b7580
44aafb041b585e71f599786e7f8f78a9d3af62a1eb617046cc3ca6e8ae457b93
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efc4a14ca93184f6bc714835f503e2e016c2d6a926e32734d3d6144b0549fb4
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
516335347b99da976cd0671241768cf73c1b23357189a48bd350d2dc0ebdc029
53ee76fe4e6f7ad2b1dba08d3961acfec62f0efd478661449a72589771bf8c53
5407ac009e7f801394853e3ae51c6bc685eeaf056f04fe47a75dc131712a4972
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5651b43b4e8e488d108feb52c447449fb94668c833bc8099951ffa55e0d7e9a1
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
592dbb3c4e19c00a8b8b60ac28aaa2dacaab14c605c2deb1a9c10e13a434692d
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b6a8b709c60b154c6d0cda4252bf7a595d062f3355fa730e7d3c70bd2901efd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6388c572ce340c0558bef35bc3143d9f70c874f8da01ee3b10f313db38d02109
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6f8e9bc344e4a1765ca51141bd14ce1f425cf970c6a23e0c19cd64c83aea26f4
6fecc8158486627b69420a15a18836e0daf915a29b61ce16a2c9d1adf99b6b8c
6ff18b185d8ed1bf1a60d09c8fef4801d9fcb5cbba696803796812f6c2f87e6d
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
853f96d87457289e2713e674c49cab268fbebd73a25e57aaac73264851e26f19
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8745adfd0982b4f22e58c07def8b280276b4fcd58ec457a8ee455e8a1d473ee0
88a3246fd96aad19b19d9b9d59d879dc3da3698beff2118c235c8ab7224e1f3d
8a38f586da0eeb24a79b43449d29a03337f2a1b1a206a96923c198b248ace703
8b49d9f41d96eb1f02b2bc5bc6d727b99eecaf1c74160eb1447019f7772dd28b
912a830cb0d040a9f7c513b39b82d3a2bfaaea52d623502cb5b95362ecd6e924
9a6b8e3c479471370076b3dca3c77e4712d53ba5069fde9689b375f8a6f1df7b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02c28dee2269f9fae99418dfc505fc4d9900160821ef1385e55b245b24713e7
a3d5cab2ebdaf153284d3f3d4b07a37ee6f3afc3df0059ec5af4a5e0503ccf15
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0
acbcc62bcbf7c5fc5397167093acf3fac25d5ea9166d48b3c5f5aef06c9b19a1
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b921ddc652789b4efb5efba0ee08d719189575af63bb314f7d15b6c5ecfcad01
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bbb9de48d3529199f5aab2fa15c0ac61cb2f4790f8d921fe6e215aece7bebccc
c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c6d5a53ef2baaff57ed64a780b95eb52364d785780e63c87803a4eab54b5ebd5
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d0f37dd4076e0af141b7099a24c6bfbe93d3142475fabd280d9fd82cb63797bb
d4ec872a2d8d2bf80735a8aabf8030042bb7539b754282c42d26bf2166cab79d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d86b9cf8881fe68962ffd7ea6f9ae82a35ddc389537707756e3fbabf0e63e11f
def87dd899d0b7d84e3c03791b5dfa37de610b5d7ff11e3a2e384e2d90be03db
df929866fe41ad0f9e1b964f7004fa4915923ba0f78e8979fb51f82093075144
e2841a39abb72b74688d300d9c4f6d5beebfe4d6f6f038a879d3aab19700d314
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e55e201b09b0526287ff78cd7292d70f137ebaea73cd6e46648ef24f56bd1150
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59afc7f698704f985003a9ddc0688492491870dcfe7d9bf41d41ef6bdd39bb7
e719752a773076ca8e3f549032753877c83cafb2a640feb0886d9af24a3b44d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8f98d806d4aee9ca562a78a1199e338cb6808a2121082e89579f89a32ea9925
f9753126aa21b163fdbf22b8ad6ef16dec23a20b6e608a6ab829030111568cfc
fae77f7b8670e6e82ebdb99fbbf8df3785ae6087cd9ff7a69b2bdb3a48cf4386
ff4a14286b656a8e522f75009911e3fa1c31a87ef4be5bccf54aab32dcf5c97f

www.kriptobi.com Open in urlscan Pro 176.53.35.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

89 %HTTPS

59 %IPv6

31 Domains

46 Subdomains

31 IPs

10 Countries

3499 kBTransfer

7614 kBSize

30 Cookies

6 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kriptobi.com Open in urlscan Pro
176.53.35.152 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

89 %
HTTPS

59 %
IPv6

31
Domains

46
Subdomains

31
IPs

10
Countries

3499 kB
Transfer

7614 kB
Size

30
Cookies

197 HTTP transactions
7 data transactions