www.4k8k.xyz Open in urlscan Pro
2606:4700:3036::6815:456b Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.4k8k.xyz/
Submission Tags: falconsandbox
Submission: On January 04 via api (January 4th 2022, 5:12:50 pm UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 25 domains to perform 97 HTTP transactions. The main IP is 2606:4700:3036::6815:456b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.4k8k.xyz.

This is the only time www.4k8k.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3036::6815:456b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:135b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:3471	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
3	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
1 1	52.210.94.59 52.210.94.59	16509 (AMAZON-02) (AMAZON-02)
1 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	18.196.159.27 18.196.159.27	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:bbdc:e89a:212:4373	16509 (AMAZON-02) (AMAZON-02)
1 2	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
1	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
97	33

7 2606:4700:3036::6815:456b (United States)

ASN13335 (CLOUDFLARENET, US)

www.4k8k.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:135b (United States)

ASN13335 (CLOUDFLARENET, US)

papayads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:3471 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.94.59 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-94-59.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.159.27 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:bbdc:e89a:212:4373 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.137.69.120 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.147.170 (France)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	335 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net 5994599.fls.doubleclick.net cm.g.doubleclick.net	211 KB
11	google.com 1 redirects adservice.google.com fundingchoicesmessages.google.com www.google.com	83 KB
7	4k8k.xyz www.4k8k.xyz	89 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal90001.redintelligence.net	10 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	174 KB
5	adtelligent.com player.adtelligent.com ghb.adtelligent.com sync.adtelligent.com Failed	33 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	googletagmanager.com 1 redirects www.googletagmanager.com googletagmanager.com	182 KB
3	googleapis.com fonts.googleapis.com	5 KB
3	google.co.uk adservice.google.co.uk	1 KB
2	gemius.pl 1 redirects googlecm.hit.gemius.pl	543 B
2	googletagservices.com www.googletagservices.com	74 KB
2	adtcdn.com player.adtcdn.com	103 KB
2	google-analytics.com www.google-analytics.com	363 B
2	baidu.com hm.baidu.com	14 KB
2	papayads.net papayads.net	6 KB
1	contentspread.net cdn.contentspread.net	77 KB
1	innovid.com ag.innovid.com	296 B
1	openx.net rtb.openx.net	351 B
1	agkn.com 1 redirects d.agkn.com	814 B
1	everesttech.net 1 redirects pixel.everesttech.net	431 B
1	quantserve.com cms.quantserve.com	464 B
1	hybrid.ai dm.hybrid.ai	238 B
1	googleadservices.com partner.googleadservices.com	643 B
97	25

	Domain	Requested by
10	pagead2.googlesyndication.com	www.4k8k.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.4k8k.xyz
7	www.4k8k.xyz	www.4k8k.xyz
4	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net www.4k8k.xyz
4	hal90001.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90001.redintelligence.net
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	securepubads.g.doubleclick.net	1 redirects www.4k8k.xyz securepubads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com papayads.net 5994599.fls.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	ghb.adtelligent.com	player.adtelligent.com
3	adservice.google.co.uk	pagead2.googlesyndication.com papayads.net
2	googlecm.hit.gemius.pl	1 redirects www.4k8k.xyz
2	5994599.fls.doubleclick.net	1 redirects www.4k8k.xyz
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	player.adtelligent.com	www.4k8k.xyz player.adtcdn.com
2	googletagmanager.com	1 redirects www.4k8k.xyz
2	player.adtcdn.com	papayads.net
2	www.google-analytics.com	www.googletagmanager.com
2	hm.baidu.com	www.4k8k.xyz
2	papayads.net	www.4k8k.xyz papayads.net
2	www.googletagmanager.com	www.4k8k.xyz
1	cdn.contentspread.net	hal90001.redintelligence.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	www.4k8k.xyz
1	dm.hybrid.ai	www.4k8k.xyz
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	sync.adtelligent.com Failed	player.adtelligent.com www.4k8k.xyz
97	37

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-12-08` - `2022-03-08`	3 months	crt.sh
player.adtelligent.com R3	`2021-11-19` - `2022-02-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
contentspread.net R3	`2021-12-03` - `2022-03-03`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://www.4k8k.xyz/
Frame ID: 57315D8646F298362EF1483C8F5B2C06
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 28014C56D1295E9AFD83C306DB960C49
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&adk=1812271804&adf=3025194257&lmt=1641316365&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.4k8k.xyz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1641316365443&bpp=3&bdt=95&idt=77&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=978902132689&frm=20&pv=2&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=89
Frame ID: D61D3EECE0DE5F539A5F7BBBD3842FA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&h=280&adk=594683318&adf=3056025636&pi=t.aa~a.299964388~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1641316365&rafmt=1&to=qs&pwprc=3717380529&psa=0&format=350x280&url=http%3A%2F%2Fwww.4k8k.xyz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1641316365933&bpp=2&bdt=584&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc525264f51e0a682-22a1352d15cd0034%3AT%3D1641316365%3ART%3D1641316365%3AS%3DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ&prev_fmts=0x0&nras=2&correlator=978902132689&frm=20&pv=1&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmpzC4cEbY&p=http%3A//www.4k8k.xyz&dtd=12
Frame ID: FE0578C8DB0009E7243BAA438CE46933
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: BEEFC2C823571D79AF5001A25A8A322B
Requests: 5 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=9a4b8b79-ae1c-47a3-a090-c95a4d8aa9d6
Frame ID: D853E1E4537E8E80B08F01B7742D9E6C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Frame ID: AB1E783A6827C9F26DF0E7CA78A36185
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B505B0CEE078BF8011DAB5661E2BC8D0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Frame ID: 560690D3CC33B9E2143562ED6C6466B3
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdJNU9UZG1PRGd0WVdZNFppMWtZVGN4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3NDkyNDIxNDgyODAzNjEwNS82NjIyMzI4LzQ1NjIzMDYvNC9jSVM1YzZhb2YtdFMtUVRlQVZhYlVjdk5kdGpFYkNHbkJLcGR3cXFjMy1nLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQ3NDkyNDIxNDgyODAzNjEwNS96cmgvMC85NzIvNzUvOTk5LzMyMi8yYTBmOjk0NDE6MTE6Oi8wLjAwMC8xNjQxMzE2MzY2LzE2NDEzMjg5NjYvNC9wdWItODcwNTUwOTEwNTE2MTM1NS8/1xvUbOvOHEpAMCpGRlAHwsRZxQY&nodeid=115&group=zrh&auctionid=474924214828036105&shardkey=474924214828036105&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%26client%3Dca-pub-8705509105161355%26adurl%3D
Frame ID: 88745E557AB3C9C681FF43F021EBC0AD
Requests: 12 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2nmfjLmPUCFX0hBgAdLAoKqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115
Frame ID: 1D83FBAE521C3E3680B790D05021DDA2
Requests: 2 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=18005100294213900951407011829001&a=88357a94
Frame ID: 7EE757979DF76B640AC7D81F5ADC223E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E22C7382C7E1931A80A498333F301AA2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59F945F5B470EE778979CA53BDC8C2AD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 111CACF6880C53FF748371BAC9B88BF2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

程序员资料

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

79 %
HTTPS

56 %
IPv6

25
Domains

37
Subdomains

33
IPs

7
Countries

1397 kB
Transfer

3794 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 23

http://googletagmanager.com/gtag/js?id=G-28FYVDFLZ1 HTTP 302
https://googletagmanager.com/gtag/js?id=G-28FYVDFLZ1

Request Chain 24

http://www.googletagmanager.com/gtag/js?id=G-28FYVDFLZ1&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=G-28FYVDFLZ1&l=dataLayer&cx=c

Request Chain 26

http://player.adtelligent.com/prebidlink/455921/hbw_master_313926_12692.js HTTP 307
https://player.adtelligent.com/prebidlink/455921/hbw_master_313926_12692.js

Request Chain 44

http://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=9a4b8b79-ae1c-47a3-a090-c95a4d8aa9d6

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 73

https://hal90001.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=cf08092676&subid=&uid=ec94dbf419af26f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D474924214828036105%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_cid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%2526client%253Dca-pub-8705509105161355%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8705509105161355%26output%3Dhtml%26h%3D280%26adk%3D594683318%26adf%3D3056025636%26pi%3Dt.aa~a.299964388~rp.4%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1641316365%26rafmt%3D1%26to%3Dqs%26pwprc%3D3717380529%26psa%3D0%26format%3D350x280%26url%3Dhttp%253A%252F%252Fwww.4k8k.xyz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1641316365933%26bpp%3D2%26bdt%3D584%26idt%3D2%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dc525264f51e0a682-22a1352d15cd0034%253AT%253D1641316365%253ART%253D1641316365%253AS%253DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D978902132689%26frm%3D20%26pv%3D1%26ga_vid%3D276829651.1641316365%26ga_sid%3D1641316366%26ga_hid%3D438854099%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1005%26ady%3D1374%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31063859%252C31063247%26oid%3D2%26pvsid%3D3198287763256968%26pem%3D400%26tmod%3D48%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DUmpzC4cEbY%26p%3Dhttp%253A%2F%2Fwww.4k8k.xyz%26dtd%3D12&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.4k8k.xyz&random=4151163787951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90001.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=cf08092676&subid=&uid=ec94dbf419af26f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D474924214828036105%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_cid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%2526client%253Dca-pub-8705509105161355%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8705509105161355%26output%3Dhtml%26h%3D280%26adk%3D594683318%26adf%3D3056025636%26pi%3Dt.aa~a.299964388~rp.4%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1641316365%26rafmt%3D1%26to%3Dqs%26pwprc%3D3717380529%26psa%3D0%26format%3D350x280%26url%3Dhttp%253A%252F%252Fwww.4k8k.xyz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1641316365933%26bpp%3D2%26bdt%3D584%26idt%3D2%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dc525264f51e0a682-22a1352d15cd0034%253AT%253D1641316365%253ART%253D1641316365%253AS%253DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D978902132689%26frm%3D20%26pv%3D1%26ga_vid%3D276829651.1641316365%26ga_sid%3D1641316366%26ga_hid%3D438854099%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1005%26ady%3D1374%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31063859%252C31063247%26oid%3D2%26pvsid%3D3198287763256968%26pem%3D400%26tmod%3D48%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DUmpzC4cEbY%26p%3Dhttp%253A%2F%2Fwww.4k8k.xyz%26dtd%3D12&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.4k8k.xyz&random=4151163787951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 74

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2nmfjLmPUCFX0hBgAdLAoKqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115

Request Chain 79

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKexMnDxI7QSraaVCbREYaVSQYylM810OdUrLs_n7JCwIzZgf95PABFcRCkgo0ZshADBOV-j4TmOvZtgf62ewjybPjFOMgdob_saEHfJm1--3NfPLzoZ2LewVmtdU5fpRhQJ95XD06pwrfQ43ehEvA&google_gid=CAESECkOTXXeKITboVjBN-P1hGc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRTQUR3QUFCZkAtZTI2aA&google_push=AYg5qPKexMnDxI7QSraaVCbREYaVSQYylM810OdUrLs_n7JCwIzZgf95PABFcRCkgo0ZshADBOV-j4TmOvZtgf62ewjybPjFOMgdob_saEHfJm1--3NfPLzoZ2LewVmtdU5fpRhQJ95XD06pwrfQ43ehEvA

Request Chain 80

https://d.agkn.com/pixel/2175/?google_gid=CAESEGEHOW1zCRaDNw843gtY9-E&google_cver=1&google_push=AYg5qPLRypc4lxqZhlSs7RsWhR-v2CcsRWCuRUvAiBc9NdQtNWY-O8vIQQknmTUdfLxJ26gxlDbVPfR4DpHo8ICzDPxdh4ezmma78rFDsBcPPt7imwrLY7bl0QDWFORUhh3MO8OrgAqs_dok6sJ8BzuvNMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLRypc4lxqZhlSs7RsWhR-v2CcsRWCuRUvAiBc9NdQtNWY-O8vIQQknmTUdfLxJ26gxlDbVPfR4DpHo8ICzDPxdh4ezmma78rFDsBcPPt7imwrLY7bl0QDWFORUhh3MO8OrgAqs_dok6sJ8BzuvNMg&google_hm=Q0FFU0VHRUhPVzF6Q1JhRE53ODQzZ3RZOS1F

Request Chain 82

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1

Request Chain 84

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEP5-9m0ZsMRaF0zFOsmOPro&google_cver=1&google_push=AYg5qPJdAKBewOxFgzN6fT5EzRUX5Nq55vdBrCzi7Xe0ot_opkXlwGPgeEy4AJoU1hssr4Bko_eOF3hI4l0ceIveILmBJYt6yupeRuDg5iv7P2RwnYJY6-IWAgnnV43BKpjqZS5-5vaMfnr2_DyuFlBYjMT_ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJdAKBewOxFgzN6fT5EzRUX5Nq55vdBrCzi7Xe0ot_opkXlwGPgeEy4AJoU1hssr4Bko_eOF3hI4l0ceIveILmBJYt6yupeRuDg5iv7P2RwnYJY6-IWAg&google_hm= HTTP 302
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5

97 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.4k8k.xyz/ 64 KB
14 KB 452ms
436ms Document
text/html 2606:4700:3036::6815:456b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4k8k.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:456b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4089060fef41304410d48a8638247f08e8f5858ff048c5c46ce30c6fe3c25879

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
content-language: de-DE
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=legB1li9miYCYiX%2F30Ooue6NJeUfvnmnQKOyzHiZRNI%2B%2BMv3PGYmTWUIIpEH2vFls7mKIJJCFsoqUQC4GgouIQ21xtS0%2FsXdEn8ppQYXiZxuVq%2BmIbg2T1gSvoCtBw1BQwbBQx5RB3ogVBk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6c8617f0ba651776-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8705509105161355

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a55ce131f1da7305649744a31712cf23da0d8914460754c3d8cca79d742a98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4k8k.xyz/
Origin: http://www.4k8k.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51847
x-xss-protection: 0
server: cafe
etag: 1768795582097468916
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
61 KB 47ms
24ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0PD9QC2HVB

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2656c507df9f1758610069bc09a3ff5aa77d41165fe22c91780a2c6affcef905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61793
x-xss-protection: 0
expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 71ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

316aae19d2184fe52ec31be241b7f05ad3c12e91c8bc39a38921bedd27317c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51867
x-xss-protection: 0
server: cafe
etag: 5529740501663637273
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H2 200 adtags.js Show response
papayads.net/self/clnt/1013-1112/ 32 KB
5 KB 378ms
345ms Script
application/javascript 2606:4700:3037::6815:135b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://papayads.net/self/clnt/1013-1112/adtags.js
Requested by: Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:135b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0becff07a758ca2af13bd23de50285896df7294dcdaed3a1624105ffc5e4c38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=41596
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 03 Jan 2022 15:11:03 GMT
server: cloudflare
etag: W/"a27c-5d4aeeddd5685"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uXdGXttC7Fvib%2FfpVDn16jJ6yYNxr4%2BWNv1TsDycOcjJDqfgCkuVyEOLJF91QJWoXbO%2BZdKyDR9RlsdqYISFPzMglqUOuxRz2DoDLQ6TO6zJOQjCoS3i9bmjUy3A89ZNvFJxh1HS87T9Tg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6c8617f3dd94692b-FRA
cf-bgj: minify

GET
H/1.1 200
OK bootstrap.css
www.4k8k.xyz/css/ 107 KB
22 KB 27ms
27ms Stylesheet
text/css 2606:4700:3036::6815:456b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4k8k.xyz/css/bootstrap.css
Requested by: Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:456b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9735c5845867337a8fd01a6fdef5d8d12aa14d35eebb9104de461ef02030c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 22641
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 11 Jan 2021 22:00:56 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieUx74ODQRslEszSi%2FkaZD%2FwHfpzydUA4U3m%2BfwW6ep44MEGI3KA2HKNNX6JL9R5C4WxE%2FLQr1XBsq3RsZDN8mQ4XR9A2dLEvjdO9u%2BTZUHwyho8v2I2vhoa14G4FHIuEXZ9YnTXPJ95fKQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
cache-control: max-age=43200
CF-RAY: 6c8617f39f3f1776-FRA
expires: Tue, 04 Jan 2022 22:55:24 GMT

GET
H/1.1 200
OK style.css
www.4k8k.xyz/css/ 6 KB
3 KB 28ms
22ms Stylesheet
text/css 2606:4700:3036::6815:456b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4k8k.xyz/css/style.css
Requested by: Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:456b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2a49cd0233e350b9a97660c6f5112eda02f482168f4f08ac4612d53583db996

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 22641
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Jan 2021 23:03:10 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qniNn7hUPAJIdfgR3Ac6baCvAfesCXYYJtu8XhbmzC81EPSV2TM54TO%2FmnuDYzPz6zn99hHUj3Ow6rpvt8NcsDNHTpus9yCN%2FFu5aOWhAUSTEfWBqpApWslknIHHBC2vTdqF84eTV5A46G0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
cache-control: max-age=43200
CF-RAY: 6c8617f39d858b96-FRA
expires: Tue, 04 Jan 2022 22:55:24 GMT

GET
H/1.1 200
OK css.css
www.4k8k.xyz/css/ 2 KB
1 KB 29ms
23ms Stylesheet
text/css 2606:4700:3036::6815:456b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4k8k.xyz/css/css.css
Requested by: Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:456b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ca8b6d2614de2a82616dfe7e6236f94fe26ae0c8c61a8f9387aaf94c778b463

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31241
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 11 Jan 2021 22:01:00 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqIjUV4VecU2%2BvFcHjGK12ocYNsntdMWlzslR%2FnOX3SvD3pIwos%2BNupv%2FnB44usnlz%2BKJ9RcpwjtxiXytLXdFAvrl2r7kHepWhWbOpp6m9xzlu4JrPhsoZnUrDaprQGExCyywzRjhosIHG0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
cache-control: max-age=43200
CF-RAY: 6c8617f39ced692b-FRA
expires: Tue, 04 Jan 2022 20:32:04 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.4k8k.xyz/js/ 82 KB
33 KB 33ms
28ms Script
application/javascript 2606:4700:3036::6815:456b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4k8k.xyz/js/jquery.min.js
Requested by: Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:456b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31996
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 04 Aug 2019 20:54:46 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdKf%2F2%2BxhcP2LAjmorhsIdXn%2BcCSM9Bc%2B3ByPnTxynp3M9YG12pkWk8v53VLHse7YJJPl8oxWnK4c%2FaI5LA3abWLgdmDHzNKbKlBFiffvrlDXs2AK77jrpOs%2BOXUj5EwMfgVB27IlTGAR4k%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript;charset=UTF-8
cache-control: max-age=43200
CF-RAY: 6c8617f39bf82bad-FRA
expires: Tue, 04 Jan 2022 20:19:29 GMT

GET
H/1.1 200
OK email-decode.min.js Show response
www.4k8k.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
18ms Script
application/javascript 2606:4700:3036::6815:456b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.4k8k.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

HTTP/1.1

Server

2606:4700:3036::6815:456b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 26 Dec 2021 13:15:20 GMT
Server: cloudflare
ETag: W/"61c86ae8-4d7"
X-Frame-Options: DENY
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ4qcIxQo5ox%2FALn7R1aYTkTjO6ldPwcxlWugCGZpLA%2BhFs1ccTW6LX07wsfk%2BksWuWAJ3siwwAG1xCGtlbAW3XZiRQLRdf%2FGvMZnSv%2BerKeb74zvSge2RE7IQxM0nWuJBoMjLq6MeHionw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800, public
CF-RAY: 6c8617f39a617039-FRA
Expires: Thu, 06 Jan 2022 17:12:45 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 35 KB
13 KB 1350ms
327ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1d3747cc5d2651b9ecf7f427156bbe34

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

6250b248f76811db2ba2882dbf7b7f4fceb79939f0caf532db1e0d24073c6dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:46 GMT
Content-Encoding: gzip
Server: apache
Etag: 2a43291a99eba5f36556affb87119f5b
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 12933

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8705509105161355&plah=www.4k8k.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8705509105161355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101736
x-xss-protection: 0
server: cafe
etag: 6975236974516728872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 2801 11 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8705509105161355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 03 Jan 2022 18:37:20 GMT
expires: Mon, 17 Jan 2022 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 81325
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 collect
www.google-analytics.com/g/ 0
346 B 35ms
13ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0PD9QC2HVB&gtm=2oec10&_p=438854099&sr=1600x1200&ul=en-us&cid=276829651.1641316365&_s=1&dl=http%3A%2F%2Fwww.4k8k.xyz%2F&dt=%E7%A8%8B%E5%BA%8F%E5%91%98%E8%B5%84%E6%96%99&sid=1641316365&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PD9QC2HVB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4k8k.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.4k8k.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
643 B 79ms
16ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.4k8k.xyz&callback=_gfp_s_&client=ca-pub-8705509105161355

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8705509105161355&plah=www.4k8k.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

94173610f20b407393b263e854b3947d670b28a9a7da3b5a6be2f6dd3694912a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 64ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.4k8k.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 53ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.4k8k.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D61D 161 KB
43 KB 371ms
356ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&adk=1812271804&adf=3025194257&lmt=1641316365&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.4k8k.xyz%2F&ea=0&flash=0&pra=5&wgl=1&dt=1641316365443&bpp=3&bdt=95&idt=77&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=978902132689&frm=20&pv=2&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=89

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

101ca499126798c16415d9649b1d4f8c036220129aecce42879f0a94ee4539e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 Jan 2022 17:12:45 GMT
server: cafe
content-length: 43539
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Jan 2022 17:12:45 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 34ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.4k8k.xyz

Requested by

Host: papayads.net
URL: https://papayads.net/self/clnt/1013-1112/adtags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.4k8k.xyz

Requested by

Host: papayads.net
URL: https://papayads.net/self/clnt/1013-1112/adtags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 adtags.css
papayads.net/self/common/ 691 B
960 B 71ms
57ms Stylesheet
text/css 2606:4700:3037::6815:135b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://papayads.net/self/common/adtags.css
Requested by: Host: papayads.net
URL: https://papayads.net/self/clnt/1013-1112/adtags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:135b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de00b122423f369d5a67387814115e72e9712f9d86da43b9719991eb1008a88d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7178
cf-polished: origSize=972
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 21 Sep 2021 17:21:25 GMT
server: cloudflare
etag: W/"3cc-5cc84a098593b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPPOW1mkRTbTvZCngFD4nXMDcN%2FYa0BxtX3dG7IsHpfWowNayCi9CnuRmerKJ4mnl%2FstebZXa3C%2BedeffRuTvUuwyt7QBg6RDlir1HbHPRZopi6VAD1WMIZDFoPOcn14%2Bm2lPUbB3zas0nA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6c8617f61a734e3e-FRA
cf-bgj: minify

GET
H/1.1 200
OK hb_313926_12692.js Show response
player.adtcdn.com/prebidlink/455921/ 330 KB
102 KB 35ms
17ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://player.adtcdn.com/prebidlink/455921/hb_313926_12692.js
Requested by: Host: papayads.net
URL: https://papayads.net/self/clnt/1013-1112/adtags.js
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66b4785335fee7e1ee6365b4d57f9b5671703a6b88a14f64468d722bcd0262e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 445
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 25 Dec 2021 19:58:28 GMT
Server: cloudflare
etag: W/"61c777e4-527ea"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg6aSGk4Jisciw6OdYF%2B6i9elDTCpXIQsujj%2FFJ7getPgeDH7wBG6lciMSIZpPWeR5VCIPnWm7oS8WpeEbP8o2VzyigoScv0404H8G6pArBRc47HhNyxszT2jIsyKBQiwEtwbCBfpbV6SG91yEiZuA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=345600
CF-RAY: 6c8617f61b9b8b96-FRA
expires: Tue, 04 Jan 2022 17:20:20 GMT

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

78 KB
27 KB

41ms
19ms

Script
text/javascript

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

33c7755e8b80e74dceea798df724a24b50b5c3d6208f6facc080735f6e468f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1091 / 926 of 1000 / last-modified: 1641313179"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26896
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jan 2022 17:12:45 GMT

Redirect headers

Date: Tue, 04 Jan 2022 17:09:24 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 201
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Tue, 04 Jan 2022 17:39:24 GMT

GET
H/1.1 200
OK wrapper_hb_313926_12692.js Show response
player.adtcdn.com/prebidlink/455921/ 1 KB
1 KB 62ms
44ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://player.adtcdn.com/prebidlink/455921/wrapper_hb_313926_12692.js
Requested by: Host: papayads.net
URL: https://papayads.net/self/clnt/1013-1112/adtags.js
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f83665abf5c39a4fd6182bc8218c1a091bd71ac631354493de5ff119ee6fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 445
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 03 Jan 2022 18:35:42 GMT
Server: cloudflare
etag: W/"61d341fe-41f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPS9d%2Bg3hNzd7%2FUdtVdtMdiKjMoSYprEbtr2KRuLZ%2B6tg4B7a34sI%2Bz04tRnyNEkozuytnIJLx2F70WXrxL%2BVWZC%2BZewqZcEzz65Wg6KuWWgS1JNOr5Am3tIvYGTSs24Br81tWpnqsbAZ1ugzCgjyw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=345600
CF-RAY: 6c8617f61d88691f-FRA
expires: Tue, 04 Jan 2022 17:20:19 GMT

GET
H2

200

js Show response
googletagmanager.com/gtag/
Redirect Chain

http://googletagmanager.com/gtag/js?id=G-28FYVDFLZ1
https://googletagmanager.com/gtag/js?id=G-28FYVDFLZ1

163 KB
61 KB

42ms
20ms

Script
application/javascript

2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googletagmanager.com/gtag/js?id=G-28FYVDFLZ1

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8efff2d50d7174df851ad97f32145e5aff83173c342d10ac298f6c337a1b6078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61776
x-xss-protection: 0
expires: Tue, 04 Jan 2022 17:12:45 GMT

Redirect headers

Location: https://googletagmanager.com/gtag/js?id=G-28FYVDFLZ1
Date: Tue, 04 Jan 2022 17:12:45 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 249
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=G-28FYVDFLZ1&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=G-28FYVDFLZ1&l=dataLayer&cx=c

163 KB
60 KB

38ms
23ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-28FYVDFLZ1&l=dataLayer&cx=c

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7e36640aa113de1f175df3b766701d50a0060c0149011bc9278ffd1f5c7f334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61823
x-xss-protection: 0
expires: Tue, 04 Jan 2022 17:12:45 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=G-28FYVDFLZ1&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK mem8yags126mizpba-ufvz0b.woff2
www.4k8k.xyz/fonts/ 14 KB
15 KB 18ms
18ms Font
font/woff2 2606:4700:3036::6815:456b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4k8k.xyz/fonts/mem8yags126mizpba-ufvz0b.woff2
Requested by: Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/css/css.css
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:456b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159413a4b8750494bbb5e668402c7298f1669e8bac8d9d8d250069026a988313

Request headers

Referer: http://www.4k8k.xyz/css/css.css
Origin: http://www.4k8k.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6042
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 14048
last-modified: Mon, 11 Jan 2021 21:31:24 GMT
Server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5ciifutuuwfyaPkNRtypCVT7v9mfl6S%2BVNIKBahr6rlNjwyPYGX72nKWu87k6r%2BwDhtZQLKfaOjcXNJ2XeJrR3gy5InAzutd4jJEy2I5%2FwiVc9JFRlqGi5AL9yrF%2FGOWisWUYvC2KfTtsA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2;charset=UTF-8
access-control-allow-origin: http://www.4k8k.xyz
Cache-Control: max-age=14400
access-control-allow-credentials: true
Accept-Ranges: bytes
CF-RAY: 6c8617f608e52bad-FRA

GET
H2

200

hbw_master_313926_12692.js Show response
player.adtelligent.com/prebidlink/455921/
Redirect Chain

http://player.adtelligent.com/prebidlink/455921/hbw_master_313926_12692.js
https://player.adtelligent.com/prebidlink/455921/hbw_master_313926_12692.js

141 KB
28 KB

31ms
6ms

Script
application/javascript

45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/455921/hbw_master_313926_12692.js
Requested by: Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/
Protocol: H2
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 35d6d73eec5b9cc5739d5d4c1d045fc691fd0c7bd527761ece95dc92839f3b09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 18:35:42 GMT
server: nginx
etag: W/"61d341fe-23245"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 04 Jan 2022 18:12:45 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

Redirect headers

Location: https://player.adtelligent.com/prebidlink/455921/hbw_master_313926_12692.js
Non-Authoritative-Reason: HSTS

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 28ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-28FYVDFLZ1&gtm=2oec10&_p=438854099&sr=1600x1200&ul=en-us&cid=276829651.1641316365&_s=1&dl=http%3A%2F%2Fwww.4k8k.xyz%2F&dt=%E7%A8%8B%E5%BA%8F%E5%91%98%E8%B5%84%E6%96%99&sid=1641316365&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-28FYVDFLZ1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4k8k.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.4k8k.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 37ms
23ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 113 B
120 B 33ms
18ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.4k8k.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

09d680df9435218ae5d842467aeddb4f64508b54c9d9ddf1f75c0c9cc957af9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 127 B
374 B 101ms
19ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: http://player.adtelligent.com/prebidlink/455921/hbw_master_313926_12692.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: ca75d5b16e7d333d0004cde301e865d4aaf5675e33f6ed8d3525de6635c1c6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://www.4k8k.xyz
Date: Tue, 04 Jan 2022 17:12:45 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 127
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
413 B 102ms
20ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=313926&site_id=12692&full_page_url=http%3A%2F%2Fwww.4k8k.xyz%2F&adid=0ddx6h.lr&features=0&vpbv=N040&lifecycle_tte=1009
Requested by: Host: player.adtelligent.com
URL: http://player.adtelligent.com/prebidlink/455921/hbw_master_313926_12692.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://www.4k8k.xyz
Date: Tue, 04 Jan 2022 17:12:45 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 149 KB
53 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54388
x-xss-protection: 0
server: cafe
etag: 7489837695308457557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE05 32 KB
13 KB 746ms
746ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&h=280&adk=594683318&adf=3056025636&pi=t.aa~a.299964388~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1641316365&rafmt=1&to=qs&pwprc=3717380529&psa=0&format=350x280&url=http%3A%2F%2Fwww.4k8k.xyz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1641316365933&bpp=2&bdt=584&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc525264f51e0a682-22a1352d15cd0034%3AT%3D1641316365%3ART%3D1641316365%3AS%3DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ&prev_fmts=0x0&nras=2&correlator=978902132689&frm=20&pv=1&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmpzC4cEbY&p=http%3A//www.4k8k.xyz&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b261fc850bdb63a15c5fed88e38d232500d9c483ec5777afdee2f39a67f53be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 Jan 2022 17:12:46 GMT
server: cafe
content-length: 13002
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Jan 2022 17:12:46 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.4k8k.xyz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.4k8k.xyz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 17:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame BEEF 11 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 03 Jan 2022 19:07:16 GMT
expires: Mon, 17 Jan 2022 19:07:16 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 79529
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313925/ 6 KB
3 KB 22ms
7ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313925/config.json?cb=http%3A%2F%2Fwww.4k8k.xyz%2F
Requested by: Host: player.adtcdn.com
URL: http://player.adtcdn.com/prebidlink/455921/hb_313926_12692.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: a4e4d0fdb133716022916f2cfcabfcb3b38dea7053404f16f19c535ece04f48b

Request headers

Referer: http://www.4k8k.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jan 2022 17:12:46 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 12:02:26 GMT
server: nginx
etag: W/"61d43752-19a0"
content-type: application/json
access-control-allow-origin: http://www.4k8k.xyz
expires: Tue, 04 Jan 2022 18:12:46 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 22377623070 Show response
fundingchoicesmessages.google.com/i/ 80 KB
28 KB 58ms
35ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22377623070?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2d6839593a501d1337612b8c883c655a4609a5a865031249f05b8c9a0fa6c75

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-puIy1R+h2fFy08xjVNTNEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-puIy1R+h2fFy08xjVNTNEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-puIy1R+h2fFy08xjVNTNEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-puIy1R+h2fFy08xjVNTNEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
date: Tue, 04 Jan 2022 17:12:46 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 572 B
611 B 20ms
19ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=681210&aid2=681211
Requested by: Host: player.adtelligent.com
URL: http://player.adtelligent.com/prebidlink/455921/hbw_master_313926_12692.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: ef471ae87ab2e7f3a54fead5fa77407cd7e2eb3ad9938dd91ecbec3cca433ef8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:45 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: http://www.4k8k.xyz
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 325

GET
H2 200 css2
fonts.googleapis.com/ Frame BEEF 4 KB
1 KB 39ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:13:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 17:12:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 17:12:46 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BEEF 205 B
744 B 29ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 02:17:40 GMT
x-content-type-options: nosniff
age: 226506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 02 Jan 2023 02:17:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BEEF 604 B
695 B 30ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 20:32:52 GMT
x-content-type-options: nosniff
age: 74394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Jan 2023 20:32:52 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame BEEF 19 KB
9 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 16:55:25 GMT

GET

csync
sync.adtelligent.com/ Frame D853
Redirect Chain

http://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=9a4b8b79-ae1c-47a3-a090-c95a4d8aa9d6

0
0

GET csync
sync.adtelligent.com/ 0
0

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 144ms
47ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:46 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 127
x-xss-protection: 1; mode=block
expires: -1

GET
H3 200 css
fonts.googleapis.com/ Frame AB1E 2 KB
513 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f43f6b7ddbd421caa2f283b114e810e158b5ed13d7fd35884b299303f3b464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:53:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 17:12:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 17:12:46 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame AB1E 1 KB
880 B 24ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 16:54:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame AB1E 19 KB
8 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 17:09:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame AB1E 2 KB
1 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 17:09:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB1E 119 KB
37 KB 67ms
29ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Jan 2022 17:12:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame AB1E 15 KB
6 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 17:11:45 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame AB1E 27 KB
11 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 22:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Apr 2022 22:16:39 GMT

POST
H3 204 AGSKWxVTh2C-z-J7ujtGmJ9PofKu-zR0iYq265aecJvZdPvXHGuJAiQlcz4bepLsBAkmJVcobmcQYoCxyRE6TLg7xsg= Show response
fundingchoicesmessages.google.com/el/ 0
27 B 33ms
19ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVTh2C-z-J7ujtGmJ9PofKu-zR0iYq265aecJvZdPvXHGuJAiQlcz4bepLsBAkmJVcobmcQYoCxyRE6TLg7xsg=?pvid=F86213F1-F920-4DF9-B085-A3EB58780CE6&anonid=A50631D9-7F04-4763-BCC3-7776294EF135

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.KLc8KbJV95Q.es5.O/d=1/rs=AJlcJMwJqmdDiwK4nS6at5D4r4_xZPDaSg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1qpvo467UETxW9lG0tLFNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1qpvo467UETxW9lG0tLFNw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.4k8k.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jan 2022 17:12:46 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: http://www.4k8k.xyz
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1qpvo467UETxW9lG0tLFNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1qpvo467UETxW9lG0tLFNw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWftSp985Lx48u0GaHnRQRiX1TSnCvhxEjB_jOOcW7YUkYVP0lhre_rhAL1jLTDjlLtkEjkrGIX820CiSXMhso= Show response
fundingchoicesmessages.google.com/f/ 275 KB
52 KB 65ms
51ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWftSp985Lx48u0GaHnRQRiX1TSnCvhxEjB_jOOcW7YUkYVP0lhre_rhAL1jLTDjlLtkEjkrGIX820CiSXMhso=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQxMzE2MzY2LDExMjAwMDAwMF0sIkY4NjIxM0YxLUY5MjAtNERGOS1CMDg1LUEzRUI1ODc4MENFNiIsIkE1MDYzMUQ5LTdGMDQtNDc2My1CQ0MzLTc3NzYyOTRFRjEzNSIsbnVsbCxbbnVsbCxbN11dLCJodHRwOi8vd3d3LjRrOGsueHl6LyIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5113c00934648617898af9a41c0afa5c24bfe7ee5ea8bd694d67231aa729a46a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OdSox9lIjarldc+NXSicTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OdSox9lIjarldc+NXSicTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OdSox9lIjarldc+NXSicTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OdSox9lIjarldc+NXSicTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B505 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 Jan 2022 17:02:26 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B505
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

76ms
75ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 Jan 2022 17:12:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Jan 2022 17:12:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 Jan 2022 17:12:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ 54 KB
3 KB 33ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.qGwc5vvryk4.es5.O/d=1/rs=AJlcJMy2rHTiPG35qlfWY3rpjEh4R1XFNQ/m=iabtcfv2wallscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac443a266063eb2f00b23e057e3630574a9664098f90124a0570dca43a264bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 17:12:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 17:12:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 17:12:46 GMT

POST
H3 204 AGSKWxWuIpehwc4erLucz0eqrcPasudHGBLX2-X54-8InbjskxKbwwAGRoOfmA_KgH93pVBdLerFbQAdIrUNcO2bKJqAU8LoDVgBkCk64J01fNNPqIkl3V4suJp2Zz_AaPpSYMeTuSUhf_ZcV1ShdYh32oE4FR1d5VjlGMbrGfob6QDCdn0KulcCJa1jT6gl Show response
fundingchoicesmessages.google.com/el/ 0
27 B 22ms
22ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWuIpehwc4erLucz0eqrcPasudHGBLX2-X54-8InbjskxKbwwAGRoOfmA_KgH93pVBdLerFbQAdIrUNcO2bKJqAU8LoDVgBkCk64J01fNNPqIkl3V4suJp2Zz_AaPpSYMeTuSUhf_ZcV1ShdYh32oE4FR1d5VjlGMbrGfob6QDCdn0KulcCJa1jT6gl?dmid=c4fc497e38256a5d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/EJvbpCDacWHxOXWdVGFow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/EJvbpCDacWHxOXWdVGFow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.4k8k.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jan 2022 17:12:46 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: http://www.4k8k.xyz
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-/EJvbpCDacWHxOXWdVGFow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/EJvbpCDacWHxOXWdVGFow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v118/ 117 KB
117 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5750e404dee79ec463531c5b93847bbada31f7e3c6d88bfc48d8b09b8812f543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.4k8k.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 23:34:46 GMT
x-content-type-options: nosniff
age: 495480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119540
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 20:45:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 23:34:46 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.4k8k.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 357644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:52:02 GMT

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5606 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 03:41:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 03:41:49 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 8874 2 KB
2 KB 43ms
13ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdJNU9UZG1PRGd0WVdZNFppMWtZVGN4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3NDkyNDIxNDgyODAzNjEwNS82NjIyMzI4LzQ1NjIzMDYvNC9jSVM1YzZhb2YtdFMtUVRlQVZhYlVjdk5kdGpFYkNHbkJLcGR3cXFjMy1nLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQ3NDkyNDIxNDgyODAzNjEwNS96cmgvMC85NzIvNzUvOTk5LzMyMi8yYTBmOjk0NDE6MTE6Oi8wLjAwMC8xNjQxMzE2MzY2LzE2NDEzMjg5NjYvNC9wdWItODcwNTUwOTEwNTE2MTM1NS8/1xvUbOvOHEpAMCpGRlAHwsRZxQY&nodeid=115&group=zrh&auctionid=474924214828036105&shardkey=474924214828036105&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%26client%3Dca-pub-8705509105161355%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&h=280&adk=594683318&adf=3056025636&pi=t.aa~a.299964388~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1641316365&rafmt=1&to=qs&pwprc=3717380529&psa=0&format=350x280&url=http%3A%2F%2Fwww.4k8k.xyz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1641316365933&bpp=2&bdt=584&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc525264f51e0a682-22a1352d15cd0034%3AT%3D1641316365%3ART%3D1641316365%3AS%3DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ&prev_fmts=0x0&nras=2&correlator=978902132689&frm=20&pv=1&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmpzC4cEbY&p=http%3A//www.4k8k.xyz&dtd=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: cfe755927a343e6ee07bc2698c77072065d6c9e80a83c1ad5f339b9477c9aee6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:46 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1641316366
Last-Modified: Tue, 04 Jan 2022 17:12:46 GMT
Server: MMBD/3.210.4
x-mm-latency: 1 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x82, zrh-bidder-x14
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8874 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&h=280&adk=594683318&adf=3056025636&pi=t.aa~a.299964388~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1641316365&rafmt=1&to=qs&pwprc=3717380529&psa=0&format=350x280&url=http%3A%2F%2Fwww.4k8k.xyz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1641316365933&bpp=2&bdt=584&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc525264f51e0a682-22a1352d15cd0034%3AT%3D1641316365%3ART%3D1641316365%3AS%3DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ&prev_fmts=0x0&nras=2&correlator=978902132689&frm=20&pv=1&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmpzC4cEbY&p=http%3A//www.4k8k.xyz&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 17:09:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8874 119 KB
36 KB 48ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Jan 2022 17:12:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8874 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 17:11:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8874 0
0 32ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6BOJD_qgq1TWVG2YoddGluzzM81e-5Be4vICPTPXmQvFXpswgNbFV3doV9WUj2xZYtviZRlUu9-XjZg74CrsF1xlLpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&h=280&adk=594683318&adf=3056025636&pi=t.aa~a.299964388~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1641316365&rafmt=1&to=qs&pwprc=3717380529&psa=0&format=350x280&url=http%3A%2F%2Fwww.4k8k.xyz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1641316365933&bpp=2&bdt=584&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc525264f51e0a682-22a1352d15cd0034%3AT%3D1641316365%3ART%3D1641316365%3AS%3DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ&prev_fmts=0x0&nras=2&correlator=978902132689&frm=20&pv=1&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmpzC4cEbY&p=http%3A//www.4k8k.xyz&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8874 0
0 47ms
46ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWHoTDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLYBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWG1M78gZXv4uJXF75pwQguF1pKsoHnZzjIwdx36MmQ3qTs4Ffzii2ABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NzA1NTA5MTA1MTYxMzU1GAA&sigh=7r_AVtEU6aw&uach_m=[UACH]&cid=CAQSPACNIrLMAyxAPBV5_FJ4NhinbBf93zKHEh0oGDuitPjesZCTF8p_y1OrCMLtkhVNsX94MWp6A9felXeWexgB&tpd=AGWhJms9inawogs0bFOkgfSlNShdr2LtTm0jT3eL42eWiqDUICWFHEPrEl1_vIoDoEWsOibAKwth3ozb1akZcW0lH0BwbRUhzqwM0616P0iF1ZGWzvkgXgxbV1P-gRfx9KJ9tsRgVBNKssjbqalDBH6gDGFy5bOELHISXiMgIEzMhxNb2QI7GGUqot4185G90eyiJ3T3UytunqRRFmPv85mMamfZc1hfaU792Uhmum8GxlKT1cJsKo-gkFehHiOzcYzB-kFSG4wLBq8njZqxBQnaZu1gqGIMnN8ZE6DRJNYOxMUmlIpKbAgteehnIUxjIO6Jq8uQrY9J3aIY2NExngaGPaiS3lGK_eUr1ekncxOJE1KcYjItzNH6oNfgyWTEGfvlHRG_68Hfix2ujZugJUS2kMSEWJ2fRTKvcB4G5VNiAry9-GMv_IWVERooOLbyLrbc3b-t18fVqcdpjXzglt9lERgsYicYOUouTa_uEYEWzp3wjchIKlJIPlIubW5FvHR8NqpD6GcT8cy8-4eYBB9--haajVYiN90F_6oR1gFWtIrfKHyWOGAxuG-z0WSm5PAw38pxgKAhQVzVG4lSk5MSSEaN8N5Pxgri_sxycK5OdCQQPGo0Zz0MUDuV11H2XyVA3lEcbAMEOPijXlxE072hUPqEC6Y1Hi26vYyQIm98Bzcqw_xzrKBd5xYuRYCxLd9PDizCyWzvxDgnzLzOEhVKxaHbsanXneyawY2HZR-Wms95B8kwHPb9ecVO7NjceQerqg8fDnCl71H16fikb7qE-_IRkKD9yaNvt5Uf_Z4Ty3Ho0B24io62yDs-ZzjRdYgk-huIpaFoMTE1sldOH8_1tOj0KFG3N9_72aEnfz6Vv9hZEdw-8NWYdt17ioc0fHjp5V3p9aMr8xXFPKa4EVQFz-JiIdzIEVy813xnaT01anU9f_KCDm6XP3lEnAO9uZi9CCNuZCrCXrVQrnT_1ZsuhWSNsQ-2flyprBhjJh0dARfZB-91WpBCXXD6KKiz3ftSMLo5vxkQMNw8rTrIddCamGj6CUXpZcQkCA0o67GiaMyTpYDwlnsClOBHhxrfRA

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&h=280&adk=594683318&adf=3056025636&pi=t.aa~a.299964388~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1641316365&rafmt=1&to=qs&pwprc=3717380529&psa=0&format=350x280&url=http%3A%2F%2Fwww.4k8k.xyz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1641316365933&bpp=2&bdt=584&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc525264f51e0a682-22a1352d15cd0034%3AT%3D1641316365%3ART%3D1641316365%3AS%3DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ&prev_fmts=0x0&nras=2&correlator=978902132689&frm=20&pv=1&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmpzC4cEbY&p=http%3A//www.4k8k.xyz&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 04 Jan 2022 17:12:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK h78o6ojw9z7r Show response
hal9000.redintelligence.net/zone/ Frame 8874 11 KB
3 KB 42ms
12ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=474924214828036105&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D474924214828036105%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_cid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%2526client%253Dca-pub-8705509105161355%2526adurl%253D%26redirect%3D
Requested by: Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: d07717a66d37ee0f8988a0beb7b488f424941495083bdc0ac0a1fb54ff2ee05e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:46 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3363
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 8874 49 B
329 B 40ms
18ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=474924214828036105&node_id=115&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdJNU9UZG1PRGd0WVdZNFppMWtZVGN4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3NDkyNDIxNDgyODAzNjEwNS82NjIyMzI4LzQ1NjIzMDYvNC9jSVM1YzZhb2YtdFMtUVRlQVZhYlVjdk5kdGpFYkNHbkJLcGR3cXFjMy1nLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQ3NDkyNDIxNDgyODAzNjEwNS96cmgvMC85NzIvNzUvOTk5LzMyMi8yYTBmOjk0NDE6MTE6Oi8wLjAwMC8xNjQxMzE2MzY2LzE2NDEzMjg5NjYvNC9wdWItODcwNTUwOTEwNTE2MTM1NS8/1xvUbOvOHEpAMCpGRlAHwsRZxQY&nodeid=115&group=zrh&auctionid=474924214828036105&shardkey=474924214828036105&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%26client%3Dca-pub-8705509105161355%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:46 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x74, zrh-bidder-x14
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 8874 43 B
404 B 53ms
23ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=474924214828036105&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdJNU9UZG1PRGd0WVdZNFppMWtZVGN4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3NDkyNDIxNDgyODAzNjEwNS82NjIyMzI4LzQ1NjIzMDYvNC9jSVM1YzZhb2YtdFMtUVRlQVZhYlVjdk5kdGpFYkNHbkJLcGR3cXFjMy1nLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQ3NDkyNDIxNDgyODAzNjEwNS96cmgvMC85NzIvNzUvOTk5LzMyMi8yYTBmOjk0NDE6MTE6Oi8wLjAwMC8xNjQxMzE2MzY2LzE2NDEzMjg5NjYvNC9wdWItODcwNTUwOTEwNTE2MTM1NS8/1xvUbOvOHEpAMCpGRlAHwsRZxQY&nodeid=115&group=zrh&auctionid=474924214828036105&shardkey=474924214828036105&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%26client%3Dca-pub-8705509105161355%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:46 GMT
Server: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 8874 49 B
329 B 44ms
18ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=474924214828036105&st=4562306&time=1641316366&nodeid=115
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdJNU9UZG1PRGd0WVdZNFppMWtZVGN4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ3NDkyNDIxNDgyODAzNjEwNS82NjIyMzI4LzQ1NjIzMDYvNC9jSVM1YzZhb2YtdFMtUVRlQVZhYlVjdk5kdGpFYkNHbkJLcGR3cXFjMy1nLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQ3NDkyNDIxNDgyODAzNjEwNS96cmgvMC85NzIvNzUvOTk5LzMyMi8yYTBmOjk0NDE6MTE6Oi8wLjAwMC8xNjQxMzE2MzY2LzE2NDEzMjg5NjYvNC9wdWItODcwNTUwOTEwNTE2MTM1NS8/1xvUbOvOHEpAMCpGRlAHwsRZxQY&nodeid=115&group=zrh&auctionid=474924214828036105&shardkey=474924214828036105&sid=4562306&cid=6622328&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%26client%3Dca-pub-8705509105161355%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:46 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x76, zrh-bidder-x14
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 04 Jan 2022 17:12:45 GMT

GET
H/1.1

200
OK

request.php Show response
hal90001.redintelligence.net/ Frame 8874
Redirect Chain

https://hal90001.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=cf08092676&subid=&uid=ec94dbf419af26f0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90001.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=cf08092676&subid=&uid=ec94dbf419af26f0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

152ms
130ms

Script
application/x-javascript

46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=cf08092676&subid=&uid=ec94dbf419af26f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D474924214828036105%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_cid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%2526client%253Dca-pub-8705509105161355%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8705509105161355%26output%3Dhtml%26h%3D280%26adk%3D594683318%26adf%3D3056025636%26pi%3Dt.aa~a.299964388~rp.4%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1641316365%26rafmt%3D1%26to%3Dqs%26pwprc%3D3717380529%26psa%3D0%26format%3D350x280%26url%3Dhttp%253A%252F%252Fwww.4k8k.xyz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1641316365933%26bpp%3D2%26bdt%3D584%26idt%3D2%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dc525264f51e0a682-22a1352d15cd0034%253AT%253D1641316365%253ART%253D1641316365%253AS%253DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D978902132689%26frm%3D20%26pv%3D1%26ga_vid%3D276829651.1641316365%26ga_sid%3D1641316366%26ga_hid%3D438854099%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1005%26ady%3D1374%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31063859%252C31063247%26oid%3D2%26pvsid%3D3198287763256968%26pem%3D400%26tmod%3D48%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DUmpzC4cEbY%26p%3Dhttp%253A%2F%2Fwww.4k8k.xyz%26dtd%3D12&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.4k8k.xyz&random=4151163787951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&h=280&adk=594683318&adf=3056025636&pi=t.aa~a.299964388~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1641316365&rafmt=1&to=qs&pwprc=3717380529&psa=0&format=350x280&url=http%3A%2F%2Fwww.4k8k.xyz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1641316365933&bpp=2&bdt=584&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc525264f51e0a682-22a1352d15cd0034%3AT%3D1641316365%3ART%3D1641316365%3AS%3DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ&prev_fmts=0x0&nras=2&correlator=978902132689&frm=20&pv=1&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmpzC4cEbY&p=http%3A//www.4k8k.xyz&dtd=12
Protocol: HTTP/1.1
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 039177970b8453c8c7ed77c8e42b141366caa85c84ecb630e72cee7def232718

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Jan 2022 17:12:46 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 18005100294213900951407011829001
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 895
Expires: Tue, 04 Jan 2022 17:12:46 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 04 Jan 2022 17:12:46 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=cf08092676&subid=&uid=ec94dbf419af26f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D474924214828036105%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_cid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%2526client%253Dca-pub-8705509105161355%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8705509105161355%26output%3Dhtml%26h%3D280%26adk%3D594683318%26adf%3D3056025636%26pi%3Dt.aa~a.299964388~rp.4%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1641316365%26rafmt%3D1%26to%3Dqs%26pwprc%3D3717380529%26psa%3D0%26format%3D350x280%26url%3Dhttp%253A%252F%252Fwww.4k8k.xyz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1641316365933%26bpp%3D2%26bdt%3D584%26idt%3D2%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dc525264f51e0a682-22a1352d15cd0034%253AT%253D1641316365%253ART%253D1641316365%253AS%253DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D978902132689%26frm%3D20%26pv%3D1%26ga_vid%3D276829651.1641316365%26ga_sid%3D1641316366%26ga_hid%3D438854099%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1005%26ady%3D1374%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31063859%252C31063247%26oid%3D2%26pvsid%3D3198287763256968%26pem%3D400%26tmod%3D48%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DUmpzC4cEbY%26p%3Dhttp%253A%2F%2Fwww.4k8k.xyz%26dtd%3D12&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.4k8k.xyz&random=4151163787951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 04 Jan 2022 17:12:46 +0100

GET
H3

200

activityi;dc_pre=CI2nmfjLmPUCFX0hBgAdLAoKqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115 Show response
5994599.fls.doubleclick.net/ Frame 1D83
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2nmfjLmPUCFX0hBgAdLAoKqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115?

391 B
347 B

73ms
59ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2nmfjLmPUCFX0hBgAdLAoKqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115?

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

5446b28cda839e6bd15e6a852d14fdfe160f25284b766bb03c288ac60b16e7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jan 2022 17:12:47 GMT
expires: Tue, 04 Jan 2022 17:12:47 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jan 2022 17:12:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2nmfjLmPUCFX0hBgAdLAoKqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame 7EE7 4 KB
2 KB 33ms
11ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=18005100294213900951407011829001&a=88357a94
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=cf08092676&subid=&uid=ec94dbf419af26f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D474924214828036105%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_cid%3Df3bc61d4-800e-4901-b7b4-66be01c016a2%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEvyDDoDUYaSoAvK9tOUP3-SLsA7Ph46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTg3MDU1MDkxMDUxNjEzNTXIAQmoAwGqBLkBT9BSgV_-xdUhmDrKzc4dlvKJI6-4W_m4RQLTMFE0XSPZxvCCyEQOBGmxLORYtvAYXQpjvPbn8MSVY1jCsepQecCQF6sNbAU3M-CYVscozsQq74YrLH_nOk4zkcgpTKMnnA4DUu7yXGUKG3-QL0b6pusio-2h1sGK1y_M2qwVn9TG3Cz_NyGT8LAdp6lNBBWGlszdEzlTRuXas_bCGUiB50deuD3tSSApfBw3RzMxwIj0Ts5PjaCU2maABpPmxMWZ3fWv-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2-lxPRgzGQztdjLVC-Rm69k6vM1Q%2526client%253Dca-pub-8705509105161355%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8705509105161355%26output%3Dhtml%26h%3D280%26adk%3D594683318%26adf%3D3056025636%26pi%3Dt.aa~a.299964388~rp.4%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1641316365%26rafmt%3D1%26to%3Dqs%26pwprc%3D3717380529%26psa%3D0%26format%3D350x280%26url%3Dhttp%253A%252F%252Fwww.4k8k.xyz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1641316365933%26bpp%3D2%26bdt%3D584%26idt%3D2%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dc525264f51e0a682-22a1352d15cd0034%253AT%253D1641316365%253ART%253D1641316365%253AS%253DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D978902132689%26frm%3D20%26pv%3D1%26ga_vid%3D276829651.1641316365%26ga_sid%3D1641316366%26ga_hid%3D438854099%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1005%26ady%3D1374%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31063859%252C31063247%26oid%3D2%26pvsid%3D3198287763256968%26pem%3D400%26tmod%3D48%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DUmpzC4cEbY%26p%3Dhttp%253A%2F%2Fwww.4k8k.xyz%26dtd%3D12&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.4k8k.xyz&random=4151163787951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: deb4cd0160f2989fdef85ae5782d0736e0e635b5d650c54edc801492ff14ddab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Tue, 04 Jan 2022 17:12:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 04 Jan 2022 17:12:47 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1412
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E22C 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 Jan 2022 13:26:12 GMT
expires: Wed, 05 Jan 2022 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 13595
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8874 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2f530f531772f32853ab666257658968fd8b41e333eec8687749fa859d53364

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame E22C 35 B
464 B 35ms
9ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN8xKSY8Ge5psD2nsCgJ-O0&google_cver=1&google_push=AYg5qPJG7E8J58P27nuP3jH8jB169tFyEwrOhCcP9dD_OIXEU5-wK0F8RK3KJJhRBZv1_dvdL1rijflz8aLa-4isDgQHvMNDftS3wK8g-V007bnL5-C2It5ELv0Ew2NSYf6smoRYKs-k9J5kRbloZa3ctfI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E22C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKexMnDxI7QSraaVCbREYaVSQYylM810OdUrLs...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRTQUR3QUFCZkAtZTI2aA&google_push=AYg5qPKexMnDxI7QSraaVCbREYaVSQYylM810OdUrLs_n7JCwIzZgf95PABFcRCkgo0ZshADBOV-j4TmOvZtgf62ewjybPjFOM...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRTQUR3QUFCZkAtZTI2aA&google_push=AYg5qPKexMnDxI7QSraaVCbREYaVSQYylM810OdUrLs_n7JCwIzZgf95PABFcRCkgo0ZshADBOV-j4TmOvZtgf62ewjybPjFOMgdob_saEHfJm1--3NfPLzoZ2LewVmtdU5fpRhQJ95XD06pwrfQ43ehEvA

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWRTQUR3QUFCZkAtZTI2aA&google_push=AYg5qPKexMnDxI7QSraaVCbREYaVSQYylM810OdUrLs_n7JCwIzZgf95PABFcRCkgo0ZshADBOV-j4TmOvZtgf62ewjybPjFOMgdob_saEHfJm1--3NfPLzoZ2LewVmtdU5fpRhQJ95XD06pwrfQ43ehEvA
Date: Tue, 04 Jan 2022 17:12:47 GMT
Server: Apache
Connection: keep-alive
Content-Length: 446
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E22C
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGEHOW1zCRaDNw843gtY9-E&google_cver=1&google_push=AYg5qPLRypc4lxqZhlSs7RsWhR-v2CcsRWCuRUvAiBc9NdQtNWY-O8vIQQknmTUdfLxJ26gxlDbVPfR4DpHo8ICzDPxdh4ezmma78...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLRypc4lxqZhlSs7RsWhR-v2CcsRWCuRUvAiBc9NdQtNWY-O8vIQQknmTUdfLxJ26gxlDbVPfR4DpHo8ICzDPxdh4ezmma78rFDsBcPPt7imwrLY7bl0QDWFORUhh3M...

170 B
188 B

32ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLRypc4lxqZhlSs7RsWhR-v2CcsRWCuRUvAiBc9NdQtNWY-O8vIQQknmTUdfLxJ26gxlDbVPfR4DpHo8ICzDPxdh4ezmma78rFDsBcPPt7imwrLY7bl0QDWFORUhh3MO8OrgAqs_dok6sJ8BzuvNMg&google_hm=Q0FFU0VHRUhPVzF6Q1JhRE53ODQzZ3RZOS1F

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Jan 2022 17:12:46 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLRypc4lxqZhlSs7RsWhR-v2CcsRWCuRUvAiBc9NdQtNWY-O8vIQQknmTUdfLxJ26gxlDbVPfR4DpHo8ICzDPxdh4ezmma78rFDsBcPPt7imwrLY7bl0QDWFORUhh3MO8OrgAqs_dok6sJ8BzuvNMg&google_hm=Q0FFU0VHRUhPVzF6Q1JhRE53ODQzZ3RZOS1F
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E22C 43 B
351 B 38ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJoBDcvw7pzkntFDyN7_-JI&google_cver=1&google_push=AYg5qPKvBsbiykCIS77Hc0WawEfsjwSdsJ28djlM3r7UPAGvcCJn7vZ5sQ8kqEBANO4ab_qZ3XLvB69SYrdg0aXXx_8i-72IravC0eBUQ3yClmBux9bsK0Yhym-7amwXc3vyt3pDywWuTOrUBMQE2xiY_Rg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&h=280&adk=594683318&adf=3056025636&pi=t.aa~a.299964388~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1641316365&rafmt=1&to=qs&pwprc=3717380529&psa=0&format=350x280&url=http%3A%2F%2Fwww.4k8k.xyz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1641316365933&bpp=2&bdt=584&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc525264f51e0a682-22a1352d15cd0034%3AT%3D1641316365%3ART%3D1641316365%3AS%3DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ&prev_fmts=0x0&nras=2&correlator=978902132689&frm=20&pv=1&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmpzC4cEbY&p=http%3A//www.4k8k.xyz&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: t6il7s3g92e7lb906m0tk2dgvj58dcg5

GET

pixel
cm.g.doubleclick.net/ Frame E22C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8f...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame E22C 43 B
296 B 118ms
22ms Image
image/gif 2a05:d01c:1d8:8101:bbdc:e89a:212:4373
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPJ_52Nq1u8EoANgrVmjA6E&google_cver=1&google_push=AYg5qPLMzYVFZe4baQRngAPqbnTQjQmoXkGQbVnP0g9bOy7sw9lTXqSnVwGfCfA-sHzCFt-MMNMTvRKOOOGRfHE5_VsBdBM9yzPBBpx9tAxcoo8u5VP9u8TSVOhPRvVNhBmrOvSeV_d0xi7lXCvCtrjqBso
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8705509105161355&output=html&h=280&adk=594683318&adf=3056025636&pi=t.aa~a.299964388~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1641316365&rafmt=1&to=qs&pwprc=3717380529&psa=0&format=350x280&url=http%3A%2F%2Fwww.4k8k.xyz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1641316365933&bpp=2&bdt=584&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc525264f51e0a682-22a1352d15cd0034%3AT%3D1641316365%3ART%3D1641316365%3AS%3DALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ&prev_fmts=0x0&nras=2&correlator=978902132689&frm=20&pv=1&ga_vid=276829651.1641316365&ga_sid=1641316366&ga_hid=438854099&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063247&oid=2&pvsid=3198287763256968&pem=400&tmod=48&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=UmpzC4cEbY&p=http%3A//www.4k8k.xyz&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:bbdc:e89a:212:4373 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:47 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2

200

dot.gif
googlecm.hit.gemius.pl/ Frame E22C
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEP5-9m0ZsMRaF0zFOsmOPro&google_cver=1&google_push=AYg5qPJdAKBewOxFgzN6fT5E...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJdAKBewOxFgzN6fT5EzRUX5Nq55vdBrCzi7Xe0ot_opkXlwGPgeEy4AJoU1hssr4Bko_eOF3hI4l0ceIveILmBJYt6yupeRuDg5iv7P2RwnYJY6-IWAg&googl...
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5

43 B
190 B

36ms
36ms

Image
image/gif

79.137.69.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by: Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/
Protocol: H2
Server: 79.137.69.120 , France, ASN16276 (OVH, FR),
Reverse DNS: gcm10.host.hit.gemius.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:47 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Mon, 03 Jan 2022 17:12:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E22C 0
223 B 51ms
15ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUQPf1Hig8F_XhQJZ2nFwEyT-syKnTuZ5m-NRW14U9c-ueWpCGjsAhRnb3bNDd1uKh2AoJJw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 7EE7 77 KB
77 KB 106ms
35ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=18005100294213900951407011829001&a=88357a94
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: 389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:47 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:51 GMT
Server: nginx
ETag: "5b55f217-1348d"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 78989

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame 7EE7 0
150 B 34ms
13ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=18005100294213900951407011829001&a=7ba6337b&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=18005100294213900951407011829001&a=88357a94
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=18005100294213900951407011829001&a=88357a94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 17:12:47 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 7EE7 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 dc_pre=CI2nmfjLmPUCFX0hBgAdLAoKqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115
adservice.google.com/ddm/fls/z/ Frame 1D83 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CI2nmfjLmPUCFX0hBgAdLAoKqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2nmfjLmPUCFX0hBgAdLAoKqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=869393637257.8115?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 357ms
357ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1992869225&si=1d3747cc5d2651b9ecf7f427156bbe34&v=1.2.89&lv=1&sn=57827&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.4k8k.xyz%2F&tt=%E7%A8%8B%E5%BA%8F%E5%91%98%E8%B5%84%E6%96%99

Requested by

Host: www.4k8k.xyz
URL: http://www.4k8k.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Jan 2022 17:12:47 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 36ms
21ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6c378ae10fd91f5cb998ec1cce5537b9ce076786fbbeb546caf3fc895cd1a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 17:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8565
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 04 Jan 2022 17:12:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 59F9 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 04 Jan 2022 16:57:58 GMT
expires: Wed, 04 Jan 2023 16:57:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 111C 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae807b4a00e74abb6f7c5c73d67fa54a4d10cf5052c3da4b9e7bd65a13b3a4a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SdtSgtBjV54g0b6Mye10qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 04 Jan 2022 17:12:50 GMT
date: Tue, 04 Jan 2022 17:12:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SdtSgtBjV54g0b6Mye10qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 59F9 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 03:41:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 03:41:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 111C 0
0 47ms
46ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=3198287763256968&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=3198287763256968&bg=!OjmlOX3NAAZKWFskSlg7ACkAdvg8WpgY7QWTrkjYqeEsZXyPYiIocIL-QYc2B0IOsiz5fdVJZkg5GAIAAAA-UgAAAAloAQcKAGylAGRM8n73DCS4sOAiqrarRquAWq7dok2KyMl8QW1pG7xryXtRV7BPM2q7q8hNdzttkmQlvdRmTcGabczTRTip7PKG60KbwFFDiF8yByvF3NGkP6vYIfLfoXQlQCwt5yiA9y1w8gBZIJiFoW2ZAqGpKPti22lIehUsgA5Gwh7vvkXYfihAPRAwOIST7ioV14ditkZPlUhm88FdzCiLi4ldG7OsvQVN6V_eEz8P-ZnukTXzcZHflIAahClUzTc9BRwjwHmKdVQuFEhiZGpkE5euG16lhxCCQnpxmXDIjWBKPiqXoq7CLL0vsCn4eU2CI4KTaPh4EnwlMAPfvtg9BXWmHYhGsCKUbD8FgZ7zucPxGfeQHd-rhdUEi4QYsgngrF3R_YyZXOHKjaTl_9kVN08koZH1QV6xE5iO5d3078ZZEYSXH1Wh1tjyg4WlOHAowOmbZyyC_-XKWK0pWYPURj_CRtb7qWzWW5AyUqbywWM42WE47ArcA2TMK-eZPPrCI09OT4wnqwnw87LbAHdCPl7RI7x2Nf7QuemFra8ry_8ryBSWXnzz9QW4P-8-IPkGOgNesDlLSNJsFBTk70viVN9TntXXJfBMwk7bOTyplxsPd_tG25WScMLwqwnHYFFKp0PCU9y13W2dKEPB7BwOdnp-YHb0Cyarys3xEoFwq_p4b_yJoK6uGcLOLcLGtBjdUyJG1GNIRgB-DDmQD0H_22OVAbLhW300PaEjhrzmNqaHT9F8tRDtKSQhK0SyMMEEV0qMsSfo9x4WfOJUc1IIaMJAEySK4BRQE_haY6whdA_6jcPEH4_n9AOiuIrz4RiTiw2-rvQ3BE3QP1iBvQWcKujwFxUrMACirGUVOabPBuW-P9ZSfG6xiGjBMmrhule7_NMaJSDDx85fiNNg1ZeiKYbqVD9WZChpAYRKewmbG2i6qvN6UuKNM0BlnqNIfBdSiv8WmqmEkTwnCHKDhggF_VZnTRPIS2YwawD3eswkrS3oUr_pBO8HH4lzxyckjS-9HdusGyS9tRxeoJc-Ce0SQLX6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.4k8k.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 17:12:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=9a4b8b79-ae1c-47a3-a090-c95a4d8aa9d6

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.4k8k.xyz/	1970-01-20 17:26:28	Name: _ga_0PD9QC2HVB Value: GS1.1.1641316365.1.0.1641316365.0
.4k8k.xyz/	1970-01-20 17:26:28	Name: _ga Value: GA1.1.276829651.1641316365
.4k8k.xyz/	1970-01-20 09:16:52	Name: __gads Value: ID=c525264f51e0a682-22a1352d15cd0034:T=1641316365:RT=1641316365:S=ALNI_MYhi7IBg97Vm3njujZ0F72d1rLQzQ
.4k8k.xyz/	1970-01-20 17:26:28	Name: _ga_28FYVDFLZ1 Value: GS1.1.1641316365.1.0.1641316365.0
.adtelligent.com/	1970-01-20 02:09:11	Name: vmuid Value: 4e3e7df50115f2a9
.doubleclick.net/	1970-01-19 23:55:19	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 09:16:52	Name: IDE Value: AHWqTUlJILnsFhddk6MzyLK9IcpYYcHSLrW79LWjMrjtcqcdcaf-ajsffNc93XGuUao
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 530681EC4A14915F
.mathtag.com/	1970-01-20 08:40:52	Name: uuid Value: f3bc61d4-800e-4901-b7b4-66be01c016a2
.redintelligence.net/	1970-01-20 02:04:52	Name: 8lcfmzhxc8d6_uid Value: 00b85bc9a85fc503
.quantserve.com/	1970-01-20 02:04:52	Name: d Value: EDIBCQGPJYEA
.quantserve.com/	1970-01-20 09:25:30	Name: mc Value: 61d4800f-17e2a-8c83a-c5cc6
.casalemedia.com/	1970-01-20 08:40:52	Name: CMID Value: YdSADxpzy9vvhxt1fdPBkAAA
.casalemedia.com/	1970-01-20 02:04:52	Name: CMPS Value: 5212
.agkn.com/	1970-01-20 08:40:52	Name: ab Value: 0001%3AQ3etJoLzmiAEf9ooTo8sJ93wMg6Khg1h
.agkn.com/	1970-01-20 08:40:52	Name: u Value: C\|0CEApZzyPKWc8jwAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 02:04:52	Name: CMPRO Value: 1175
.casalemedia.com/	1970-01-19 23:56:42	Name: CMST Value: YdSAD2HUgA8A
.innovid.com/	1970-01-20 02:04:52	Name: uuid Value: edfbae1e-65ed-473d-88fd-56d758ba23ca-20220104 12:12:47
.4k8k.xyz/	1970-01-20 08:40:52	Name: Hm_lvt_1d3747cc5d2651b9ecf7f427156bbe34 Value: 1641316367
.4k8k.xyz/	1969-12-31 23:59:59	Name: Hm_lpvt_1d3747cc5d2651b9ecf7f427156bbe34 Value: 1641316367
.hit.gemius.pl/	1970-01-20 00:05:21	Name: Gtest Value: KlGTERXGQMGGE6OvqWFGmnoissGMXP8cXRbG

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdSADxpzy9vvhxt1fdPBkAAABJcAAAAB&google_push=AYg5qPLRFeTnsq__mvaHbOYURcAaEQ_2KTRJCDVAj0lCm1ikujhTYZ8GVGbvt5r78Sektkm8PiBSjZ68dhgmt9PB8fjRBr7alwznDaejCy6lWnL4AcxAz5qFEUUIjt9JbkUKqA3rGVZm4EOEMa-mKQxQ7QU&google_gid=CAESEJZ1AOHUkiZOjk6-oHpxhZ8&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
adservice.google.co.uk
adservice.google.com
ag.innovid.com
cdn.contentspread.net
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dm.hybrid.ai
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
googletagmanager.com
hal9000.redintelligence.net
hal90001.redintelligence.net
hm.baidu.com
pagead2.googlesyndication.com
papayads.net
partner.googleadservices.com
pixel.everesttech.net
pixel.mathtag.com
player.adtcdn.com
player.adtelligent.com
rtb.openx.net
securepubads.g.doubleclick.net
sync.adtelligent.com
tags.mathtag.com
tpc.googlesyndication.com
www.4k8k.xyz
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
sync.adtelligent.com
103.235.46.191
142.250.184.230
142.250.185.162
142.250.185.66
18.196.159.27
185.29.132.242
2.18.233.201
2606:4700:3036::6815:456b
2606:4700:3037::6815:135b
2606:4700:3037::6815:3471
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a05:d01c:1d8:8101:bbdc:e89a:212:4373
2a0c:5c81:5142::2
35.227.252.103
37.18.16.21
45.133.44.4
46.4.10.49
51.75.147.170
52.210.94.59
79.137.69.120
94.130.102.164
039177970b8453c8c7ed77c8e42b141366caa85c84ecb630e72cee7def232718
09d680df9435218ae5d842467aeddb4f64508b54c9d9ddf1f75c0c9cc957af9f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
101ca499126798c16415d9649b1d4f8c036220129aecce42879f0a94ee4539e9
1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5
159413a4b8750494bbb5e668402c7298f1669e8bac8d9d8d250069026a988313
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2656c507df9f1758610069bc09a3ff5aa77d41165fe22c91780a2c6affcef905
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
316aae19d2184fe52ec31be241b7f05ad3c12e91c8bc39a38921bedd27317c72
33c7755e8b80e74dceea798df724a24b50b5c3d6208f6facc080735f6e468f92
35d6d73eec5b9cc5739d5d4c1d045fc691fd0c7bd527761ece95dc92839f3b09
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
4089060fef41304410d48a8638247f08e8f5858ff048c5c46ce30c6fe3c25879
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5113c00934648617898af9a41c0afa5c24bfe7ee5ea8bd694d67231aa729a46a
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
5446b28cda839e6bd15e6a852d14fdfe160f25284b766bb03c288ac60b16e7c4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5750e404dee79ec463531c5b93847bbada31f7e3c6d88bfc48d8b09b8812f543
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca8b6d2614de2a82616dfe7e6236f94fe26ae0c8c61a8f9387aaf94c778b463
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6250b248f76811db2ba2882dbf7b7f4fceb79939f0caf532db1e0d24073c6dc5
66b4785335fee7e1ee6365b4d57f9b5671703a6b88a14f64468d722bcd0262e5
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8efff2d50d7174df851ad97f32145e5aff83173c342d10ac298f6c337a1b6078
94173610f20b407393b263e854b3947d670b28a9a7da3b5a6be2f6dd3694912a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2a49cd0233e350b9a97660c6f5112eda02f482168f4f08ac4612d53583db996
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e4d0fdb133716022916f2cfcabfcb3b38dea7053404f16f19c535ece04f48b
a55ce131f1da7305649744a31712cf23da0d8914460754c3d8cca79d742a98de
ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac443a266063eb2f00b23e057e3630574a9664098f90124a0570dca43a264bc4
ae807b4a00e74abb6f7c5c73d67fa54a4d10cf5052c3da4b9e7bd65a13b3a4a2
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b261fc850bdb63a15c5fed88e38d232500d9c483ec5777afdee2f39a67f53be3
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b6c378ae10fd91f5cb998ec1cce5537b9ce076786fbbeb546caf3fc895cd1a5e
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
ca75d5b16e7d333d0004cde301e865d4aaf5675e33f6ed8d3525de6635c1c6a6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe755927a343e6ee07bc2698c77072065d6c9e80a83c1ad5f339b9477c9aee6
d07717a66d37ee0f8988a0beb7b488f424941495083bdc0ac0a1fb54ff2ee05e
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a
dc9735c5845867337a8fd01a6fdef5d8d12aa14d35eebb9104de461ef02030c5
de00b122423f369d5a67387814115e72e9712f9d86da43b9719991eb1008a88d
deb4cd0160f2989fdef85ae5782d0736e0e635b5d650c54edc801492ff14ddab
e2f43f6b7ddbd421caa2f283b114e810e158b5ed13d7fd35884b299303f3b464
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f83665abf5c39a4fd6182bc8218c1a091bd71ac631354493de5ff119ee6fa0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef471ae87ab2e7f3a54fead5fa77407cd7e2eb3ad9938dd91ecbec3cca433ef8
f0becff07a758ca2af13bd23de50285896df7294dcdaed3a1624105ffc5e4c38
f2d6839593a501d1337612b8c883c655a4609a5a865031249f05b8c9a0fa6c75
f2f530f531772f32853ab666257658968fd8b41e333eec8687749fa859d53364
f7e36640aa113de1f175df3b766701d50a0060c0149011bc9278ffd1f5c7f334
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.4k8k.xyz Open in urlscan Pro 2606:4700:3036::6815:456b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

79 %HTTPS

56 %IPv6

25 Domains

37 Subdomains

33 IPs

7 Countries

1397 kBTransfer

3794 kBSize

22 Cookies

0 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.4k8k.xyz Open in urlscan Pro
2606:4700:3036::6815:456b Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

79 %
HTTPS

56 %
IPv6

25
Domains

37
Subdomains

33
IPs

7
Countries

1397 kB
Transfer

3794 kB
Size

22
Cookies

97 HTTP transactions
2 data transactions