www.secretchina.com Open in urlscan Pro
2606:4700:10::6814:4e9d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secretchina.com/
Effective URL:
https://www.secretchina.com/
Submission Tags: falconsandbox
Submission: On September 22 via api (September 22nd 2022, 4:15:19 pm UTC) from US — Scanned from DE

Summary HTTP 433 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 42 domains to perform 433 HTTP transactions. The main IP is 2606:4700:10::6814:4e9d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.secretchina.com. The Cisco Umbrella rank of the primary domain is 551445.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.

This is the only time www.secretchina.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:3a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
78	2606:4700:10:... 2606:4700:10::6814:4e9d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4 17	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
72	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 7	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
4	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
6	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
7	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 7	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
35	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
8 8	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 7	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:210... 2600:9000:2104:9c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311	16509 (AMAZON-02) (AMAZON-02)
10 10	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
7 11	92.123.17.141 92.123.17.141	16625 (AKAMAI-AS) (AKAMAI-AS)
3	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	3.11.195.34 3.11.195.34	16509 (AMAZON-02) (AMAZON-02)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
6	18.66.15.79 18.66.15.79	16509 (AMAZON-02) (AMAZON-02)
5	18.66.15.50 18.66.15.50	16509 (AMAZON-02) (AMAZON-02)
14	18.133.56.86 18.133.56.86	16509 (AMAZON-02) (AMAZON-02)
433	43

1 2606:4700:10::ac43:3a4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secretchina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 2606:4700:10::6814:4e9d (United States)

ASN13335 (CLOUDFLARENET, US)

www.secretchina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img5.secretchina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img3.secretchina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counter.secretchina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:80d::2004 (Ireland) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 5 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.138 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.18.126 (None, ) 8 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.7.201.234 (Vienna, Austria) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:9c00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.134 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 92.123.17.141 (Vienna, Austria) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-141.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.11.195.34 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.15.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-79.vie50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.15.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-50.vie50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.133.56.86 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27692 ad4m.at — Cisco Umbrella Rank: 2111 assets.ad4m.at — Cisco Umbrella Rank: 34810	3 MB
79	secretchina.com 1 redirects secretchina.com — Cisco Umbrella Rank: 446772 www.secretchina.com — Cisco Umbrella Rank: 551445 img5.secretchina.com img3.secretchina.com — Cisco Umbrella Rank: 995320 counter.secretchina.com — Cisco Umbrella Rank: 941783	2 MB
76	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 ad.doubleclick.net — Cisco Umbrella Rank: 178	337 KB
63	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142	549 KB
20	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 23027 api.webgains.io — Cisco Umbrella Rank: 59421	511 KB
19	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 75	2 KB
12	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 120642 static-de.ad4mat.net — Cisco Umbrella Rank: 157656	24 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 359	217 KB
9	webgains.com track.webgains.com — Cisco Umbrella Rank: 48798	63 KB
9	awin1.com 5 redirects www.awin1.com — Cisco Umbrella Rank: 16122	6 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	376 KB
8	casalemedia.com 8 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	8 KB
7	addthis.com 7 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1728	5 KB
7	rubiconproject.com 7 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	3 KB
7	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	412 B
7	quantserve.com 5 redirects cms.quantserve.com — Cisco Umbrella Rank: 1020	2 KB
6	gstatic.com www.gstatic.com	37 KB
6	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505	740 B
5	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69591	272 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	247 KB
4	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	158 B
4	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	584 B
4	google.de www.google.de — Cisco Umbrella Rank: 6352 adservice.google.de — Cisco Umbrella Rank: 9081	2 KB
3	congstar.de banner.congstar.de — Cisco Umbrella Rank: 82540	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 67557	663 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 66793	429 B
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 73156	1 KB
2	zenaps.com 2 redirects www.zenaps.com — Cisco Umbrella Rank: 20138	1 KB
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1423	591 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 407	950 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128 partner.googleadservices.com — Cisco Umbrella Rank: 857	16 KB
1	blau.de partner.blau.de — Cisco Umbrella Rank: 87243	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 78892	1 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 696	442 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2350	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 45393	612 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 833	713 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3005	104 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
433	42

	Domain	Requested by
46	www.secretchina.com	www.secretchina.com
36	assets.ad4m.at	as.ad4m.at
36	tpc.googlesyndication.com	www.secretchina.com 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
35	cm.g.doubleclick.net	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net www.secretchina.com
29	img5.secretchina.com	www.secretchina.com
24	ad4m.at	as.ad4m.at ad4m.at
24	as.ad4m.at	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net as.ad4m.at ad4m.at
21	pagead2.googlesyndication.com	www.secretchina.com pagead2.googlesyndication.com 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
17	www.google.com	4 redirects www.secretchina.com 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
17	securepubads.g.doubleclick.net	www.secretchina.com securepubads.g.doubleclick.net
14	api.webgains.io	analytics.webgains.io
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net www.secretchina.com
10	ad.doubleclick.net	10 redirects
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	track.webgains.com	as.ad4m.at
9	www.awin1.com	5 redirects as.ad4m.at
9	www.googletagservices.com	www.secretchina.com 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	ssum-sec.casalemedia.com	8 redirects
7	e.dlx.addthis.com	7 redirects
7	pixel.rubiconproject.com	7 redirects
7	image6.pubmatic.com	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	cms.quantserve.com	5 redirects 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
6	analytics.webgains.io	track.webgains.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	static-de.ad4mat.net	as.ad4m.at
6	rtb.openx.net	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	prod-rtb.ad4mat.net	www.secretchina.com googleads.g.doubleclick.net
6	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	cdn.track.production.webgains.team	as.ad4m.at track.webgains.com
5	www.googletagmanager.com	www.secretchina.com www.googletagmanager.com
4	id.rlcdn.com	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	odr.mookie1.com	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	banner.congstar.de	as.ad4m.at
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	www.conrad.de	as.ad4m.at
2	www.zenaps.com	2 redirects
2	ag.innovid.com	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google.de	www.secretchina.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	img3.secretchina.com	www.secretchina.com
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	s.ad.smaato.net	1 redirects
1	tr.blismedia.com	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	counter.secretchina.com	www.secretchina.com
1	secretchina.com	1 redirects
0	googlecm.hit.gemius.pl Failed	82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
433	60

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
m.secretchina.com
e-paper.kanzhongguo.com
account.secretchina.com
www.shenyuncreations.com
www.tuidang.org
trad.cn.rfi.fr
eepurl.com
zh-cn.shenyun.org
www.ganjingworld.com
justgoodluck.com
dongtaiwang.com
wujieliulan.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-08-18` - `2022-11-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-08-08` - `2023-09-06`	a year	crt.sh

This page contains 47 frames:

Primary Page: https://www.secretchina.com/
Frame ID: 8DF547759B08B648F37AE02513CE1F43
Requests: 117 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
Frame ID: 9C9C2F3FCC0C76EE758882DBE69AD0B6
Requests: 1 HTTP requests in this frame

Frame: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 452217325E5AA8AB39A0FBA997862465
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&adk=1812271804&adf=3025194257&lmt=1663863309&plat=1%3A16777216%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.secretchina.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309073&bpp=5&bdt=841&idt=409&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4919006936931&frm=20&pv=2&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=435
Frame ID: 4E4B2B49CF9F7D86E9306F25CC4748CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&h=250&slotname=8643744899&adk=4247685595&adf=2077365685&pi=t.ma~as.8643744899&w=300&lmt=1663863309&psa=0&format=300x250&url=https%3A%2F%2Fwww.secretchina.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309078&bpp=2&bdt=846&idt=441&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4919006936931&frm=20&pv=1&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=832&ady=3983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JcYJJHeZW2&p=https%3A//www.secretchina.com&dtd=448
Frame ID: E7EFF889386DBF80385F5BAF98E5255B
Requests: 8 HTTP requests in this frame

Frame: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E6B34872F48876416B9C2A65A366F369
Requests: 9 HTTP requests in this frame

Frame: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6733F54D04EE594F1FF28DF2CD6E63DD
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 85B97045DA258EA222365312C6D2DE70
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k18xfz2q6qky9x7phpjs314xay6barkah7ycbj4b2pk2yzr26dmfxecr4tw5qstbw1dxrsd2388ed6kw7f36yetxgb4kt8f01mfqs98sqjvq05fcpjtp143d22x4rkzrqmjgkpk9v54eyn396c3ewnnbfh2dn30g3ccf7x7b31kg9bgvnhmzv4bp5mkcya3snjf0rnwkj4m6g62g2zkf2qf00bpfj5x03z0x4n5y3qph5skc33f57y0wjr5zq88nbn29qch4gez1p3b3k9ym4hr4a0jbqway3keg353rf8ypb3zhxay33st3zhbg8sfycgdqmbntd3tmv2q65c5ej1scd301ch8h0xcs2k73sdm41871t7ypa8bhy53393e4hq8ypnk2zs0786kcb9sfs69eqnh94p1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%26client%3Dca-pub-1276641434651360%26adurl%3D
Frame ID: A95885A61E19B4F6BD7E7BBE845D2F82
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C879DE42AAED5A9F0023B3342CFBFCAD
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kph083wevzmw8x96t6bprv2jt8s98hdv0yasw1sxb6mrck2pqf76fvfcfqsdqbrz37cm6e4q579z0rxm7zymfft5mend32t9717aaajrm8jt3ptszswva2p5k99qsrxcqhxd3mdx38re6v053jv6b63h5qm4md1h2n6k3cb507zr9xz2h5sdhc7b2j2zj9xptksvzq455zyj5dpx4wac67he3mx60s0mzfc80c6vt878gbq1xds153dwjpp0hdgtqswghgt8mmbzce5apz1tbh06cr25c962mshyae6n1kbszqbeacd81y9dpjag5tbadz2j08amzdexyeg403hw4y8mr6qmv2x085200ktamp9x9stss1dcjq7p3mq4d50r2mm1pdcxgfsca7cs69j33ema6z7dztkyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%26client%3Dca-pub-1276641434651360%26adurl%3D
Frame ID: 38CD8622CC064BD2526D3B7601572C4C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7FA56277B5275CA03649EC2B124E65DB
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 8F293A4B057BE178C19682070AA6D852
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1je9vfr3hk2n943dhw7v4rc98mmfb2srxd27avm7qmvypjf5mns5kd7zm69gsv1a910j54mv0smfbxfqdvbzrr132647ng12n8yv52k4d6smvc17d606qggwqrf5qg5r7a9nfa9zj786jv3n3w0sghn5hmcv63thazt0qj6r080hch6rjvc1mkbaezpvfc2mc78swee4gmag1yz84vxd6bt64cj7er9yzw2vhtevh22j6pjsvv0sym51byb0fzpx2px7hfm54jfz3bdewg4gcg8y9ht5hynn3q2rnaw2tjwzhvenb661bwtr4rhqwpsy2maxynfmkmqx77kb6229h8v74g7cx6waebqph8vfk9tcyj6282av3wxtg87s97mng9dzytmj85dzxnpm12jf84tg3061bnmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%26client%3Dca-pub-1276641434651360%26adurl%3D
Frame ID: 54B967DE4EE26C34682F7BF536AFEACF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A912469ED4E9F7EAF1C7D9E1EEC80DC
Requests: 9 HTTP requests in this frame

Frame: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DD7C2B5C54A025B448C4C21980506AE9
Requests: 9 HTTP requests in this frame

Frame: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1CF51C0CB03079ED5DDEA4471FFE7C56
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0CAC9D8C38A35D57D0AABF362FB39A95
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F5ECA8AFCA71D7515C0C48FE471EB06A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Frame ID: E01C80417819F1D1CE58128AB43E40ED
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Frame ID: 36C197AA87BC45E4F4A4869F47662B70
Requests: 10 HTTP requests in this frame

Frame: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CD7DC70F959EEA1EC2B408C0ADAD613D
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kjtg790vfj0tv3860ntyzxsmzjfqsvf2pft7f6wf0jxqnpymscwh958hp37kxdektj3ecn3t7pndbg6tmc3z048xyms8xhmqjmdncwpmcd6agcwb41djnstpjk225stkw03pdfq9mass3ct81dk436b0qnsd2v5kwea1vd9hd2q7wb6pqhzyr9jjhbq1vkv7kx45r4bj84vx7c7f3tktvs289ryfysk4w3wp467ek9zem5vt4tc8yje9tskn1t576ckz5afpq14yjmeym2vttxw1rz78n0jk6hcf9nyrmf4rnzd3g27zr27zgrvkqrqhk6c3vpr0cyffj5qdy72ffmbskkdzvhtzav1zcxy56pbb1bg8kzzh0f61hswpymkb1jp7fan7ps8v0d7t3g88a7ysyya2444&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%26client%3Dca-pub-1276641434651360%26adurl%3D
Frame ID: CF93CFC0098F9B08706333E35D2DBFED
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E21DC77E3DB7E17EDE862DBEBB76A68A
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g5jfej2kvdnxfg0mzfadv1c713wq36ds2mcjq7ygspkkhfmfmjma49pze6haxrx366gpye7gh0te5ymbqvrgz73by0zft3bxdv4wm54v3gynsbxwwbj71xhsg9jbwhhgxkxwmjha7b5scywwtw2cwvqx43sgj2eqc7ev01w4anzc5tzsdtr6191p1e8rfvqqfrejte0f15f3msa498x103p832x2p8qkj5v6bpct00vjznaf0xhf5axg0552gpkx6w6rq0j4ns448f5g5x2hvb2fmywh2vr8rgbc73r3henpqbjd04edan33d64mp4225xh836b4z7x96v5zqgw5fe2jg991p5e5h3zm1xv9bg2ykky374aeyp2s1a9r6hyhh1b778ct0dy9ydqkpg8p3pf00a2rkkz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%26client%3Dca-pub-1276641434651360%26adurl%3D
Frame ID: 98891FB13D3FB65A258E05A67BD75FE5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 72F9AB02AB4DC9229EEBB741AE75AD58
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 14EDB854D183CB23AFF31F00ADD6FD68
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h9dk1w51bkkpw38tv98bb6a8jtk513rfqvq51sbe7s4ewnak40k2h9z4vc5texe79q4nydgb1j45nvm6dq7sqyhxaasq1axrssk0c58g13zdhwfhp9464vhvv16ebv14wkck58tzvkrm4vmj9vaf4rtc5wthnynafck3sfhx8336xf7rtvrh1fdbf3cwccnt73k9t2yzrmscqn0h56vy92mqrg3x8vcrsbqj0b54d9a4vjgxjpwvthvp1s6x9081tb022jrhp2n20h8abjy1r2w8gpg6k13pyny1b0b4dgtvgt4sh0veh4w4477temerkeh9zvzz5mvvrw4pbwee3dhd0dkhenqs7tqcs5gbmatxj0y160rrkn7d3jtymf5y1nrhgk7a4zvwpp0fg1ab7rx8c8fv4a6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%26client%3Dca-pub-1276641434651360%26adurl%3D
Frame ID: 0ADC1EF1468AB69948EF4249E24AB4D4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E0943FFAC252043D57CC8E40AC3DC08
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D3008A19D45B53ED5874A47F2E0ED1ED
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6B6F8D436C47D0D51FC098740415E68A
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 74BE05690815AE00D7CAC777FF3185C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EB9C01208FBB5BECDFD7F1890B40D1A1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FAB1023F6B4C14A835C83252B88E1974
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Frame ID: 3FEB135CCAAAC32019437419B35D37C8
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Frame ID: 4DAD2F43F9741FE8B1BE20A0E425D31A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B9ECF0E1E70D61D5CAB95F775177499
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31A54647226F0F4BC5E2390A91DD3954
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Frame ID: 9B98903FDEC974DB9211E89112D64CA3
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 62D19BBC09C91B2B0056BC9CCFAFBD2B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 58D5AA5E49E39490205DDBAD0B245D6C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 5E8887BB497C30015897C642E216F9D5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Frame ID: F4125E199AAB91165415F4F5ABC83233
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Frame ID: DAD7D4B9C569374C6ACE7CB3C76C2681
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Frame ID: EEB326A938EDA4B6EBEDBA08C692F74F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B65640B2075231AFBE46EE7116CBB665
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84F42703D6A018FAA737767B6A83EB7D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

看中国新闻网 - 即时新闻 - 中国新闻 - 海外华人 - 内幕新闻 - 历史秘闻

Page URL History Show full URLs

http://secretchina.com/ HTTP 301
https://www.secretchina.com/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

433
Requests

91 %
HTTPS

52 %
IPv6

42
Domains

60
Subdomains

43
IPs

8
Countries

7525 kB
Transfer

12278 kB
Size

49
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCLJYH0o60tlyAdy3g5GNrKw
Title: 视频

Search URL Search Domain Scan URL

URL: https://m.secretchina.com/
Title: 手机版

Search URL Search Domain Scan URL

URL: http://e-paper.kanzhongguo.com/
Title: 电子报

Search URL Search Domain Scan URL

URL: https://account.secretchina.com/login.php?code=gb
Title: 1 新一期特刊已经发表请荣誉会员登陆下载

Search URL Search Domain Scan URL

URL: https://account.secretchina.com/login.php

Search URL Search Domain Scan URL

URL: https://www.shenyuncreations.com/zh_tw?utm_source=BrotherMedia&utm_medium=SecretChina&utm_campaign=sy22-get-to-know-more-campaign

Search URL Search Domain Scan URL

URL: https://www.tuidang.org/

Search URL Search Domain Scan URL

URL: http://trad.cn.rfi.fr/

Search URL Search Domain Scan URL

URL: http://eepurl.com/duR6JL
Title: 注册新闻简报

Search URL Search Domain Scan URL

URL: https://zh-cn.shenyun.org/
Title: 神韵艺术团

Search URL Search Domain Scan URL

URL: https://www.ganjingworld.com/zh-CN
Title: 干净世界

Search URL Search Domain Scan URL

URL: https://justgoodluck.com/index.php?code=b5
Title: 福瑞寶

Search URL Search Domain Scan URL

URL: http://dongtaiwang.com/
Title: 动态网

Search URL Search Domain Scan URL

URL: http://wujieliulan.com/
Title: 无界

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secretchina.com/ HTTP 301
https://www.secretchina.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 163

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDkp7yMdcaatrXw5YZ87YUk&google_cver=1&google_push=AZmPxg9mnQJJ2rKzGBWR6c-ztPnfhpqTU1z14o8Pcc0nnuT5SDRNRg0WwyGw8cbFL7qkkI2hLCLp7VGiQl9VRYrXuBTq_v8x52c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk2UjQtUS1GMERU&google_push=AZmPxg9mnQJJ2rKzGBWR6c-ztPnfhpqTU1z14o8Pcc0nnuT5SDRNRg0WwyGw8cbFL7qkkI2hLCLp7VGiQl9VRYrXuBTq_v8x52c

Request Chain 164

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHxOQkhyZmXHREglKrkut1I&google_cver=1&google_push=AZmPxg-itqxRXXpvQDTXvuHUP6RpY4ijqinxae8TDGchw-w1XD_QokrVX2-lZw_dvtREcPIcUJhmaM2pJWJuW9bLIl4YxIw6EFQS HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHxOQkhyZmXHREglKrkut1I&google_push=AZmPxg-itqxRXXpvQDTXvuHUP6RpY4ijqinxae8TDGchw-w1XD_QokrVX2-lZw_dvtREcPIcUJhmaM2pJWJuW9bLIl4YxIw6EFQS&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHxOQkhyZmXHREglKrkut1I&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-itqxRXXpvQDTXvuHUP6RpY4ijqinxae8TDGchw-w1XD_QokrVX2-lZw_dvtREcPIcUJhmaM2pJWJuW9bLIl4YxIw6EFQS

Request Chain 178

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAMOygEeJS_5SDV8Bkfnktc&google_cver=1&google_push=AZmPxg_Z5KbgwLeI6ENdwBdjp5cPNEH5UL9eaL9tF_oh2RSlWMQsmt58MXwmg1ecUqchewyoWCKcSBNLvx0M_QhelVZTT5O4RrE HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_Z5KbgwLeI6ENdwBdjp5cPNEH5UL9eaL9tF_oh2RSlWMQsmt58MXwmg1ecUqchewyoWCKcSBNLvx0M_QhelVZTT5O4RrE&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Request Chain 179

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8W03Gf_Y2OQ3hRbk0xvUXJk0EjnwAavt6GU581znyRznbIftk2qW-Yer7NCxFkIAuSWgFV-6telJG_hz0CyVJYBOglHqM&google_gid=CAESEGdSAUDOKTUjIgPzSgE5a-8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8W03Gf_Y2OQ3hRbk0xvUXJk0EjnwAavt6GU581znyRznbIftk2qW-Yer7NCxFkIAuSWgFV-6telJG_hz0CyVJYBOglHqM&google_gid=CAESEGdSAUDOKTUjIgPzSgE5a-8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDA4NjY5NjA5NzI2MA%3D%3D&google_push=AZmPxg8W03Gf_Y2OQ3hRbk0xvUXJk0EjnwAavt6GU581znyRznbIftk2qW-Yer7NCxFkIAuSWgFV-6telJG_hz0CyVJYBOglHqM

Request Chain 183

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECIGsexYgy0sK_0czo2pZzk&google_cver=1&google_push=AZmPxg_BWi-upForYM-6qqtOG76d3POtna0Be9OS7BvyDWl9nvZ5xeCPWG6Be4nHYwBEvWgJkMia5eQBPehh6X9gLbOjbwyTvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk2VTAtNy1LVzRV&google_push=AZmPxg_BWi-upForYM-6qqtOG76d3POtna0Be9OS7BvyDWl9nvZ5xeCPWG6Be4nHYwBEvWgJkMia5eQBPehh6X9gLbOjbwyTvQ

Request Chain 184

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDYT7m_OQe6cZiGDNlXky4c&google_cver=1&google_push=AZmPxg_QA7EFb8HoV9EAG519KFud6Yz-kfzYJhbsZw1gqkqqFM8tTjkPlFkkiDeZmCVD_XP85wIN1Q4SdgBg154BwpkLqZUat0s HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDYT7m_OQe6cZiGDNlXky4c&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg_QA7EFb8HoV9EAG519KFud6Yz-kfzYJhbsZw1gqkqqFM8tTjkPlFkkiDeZmCVD_XP85wIN1Q4SdgBg154BwpkLqZUat0s

Request Chain 188

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 203

https://um.simpli.fi/gp_match?google_gid=CAESEM4WHv5IdwBQleU3ndp60hY&google_cver=1&google_push=AZmPxg_x_rK56Asetvrm36Mgh3DjApMXAnDmWSLrQZpq12OCS7Q5qB1QLJX7gtOWXRqmY2_wgY8A6bcGu5i8r-fIJ6ZLDY7uDaI4fd8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D31F31B4462D4913BE88CADC94B18DF1&google_push=AZmPxg_x_rK56Asetvrm36Mgh3DjApMXAnDmWSLrQZpq12OCS7Q5qB1QLJX7gtOWXRqmY2_wgY8A6bcGu5i8r-fIJ6ZLDY7uDaI4fd8

Request Chain 205

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA9Tbgxh8K_DaYNPTzH4bkk&google_cver=1&google_push=AZmPxg8qWMXwiUTerBRZai_XpzbxCv5ZlTA6acFOl4sqg_UPD-xcl387X2DvjZpjTIqNfT3b0vrnVHYPjkPNkEPGw9Jv0vlCR3Hvfpc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8qWMXwiUTerBRZai_XpzbxCv5ZlTA6acFOl4sqg_UPD-xcl387X2DvjZpjTIqNfT3b0vrnVHYPjkPNkEPGw9Jv0vlCR3Hvfpc&google_hm=wJdlXjrMTsmSx8PnQSXR9aU

Request Chain 207

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHkVMr-xzDySk8l-c4IDyC8&google_cver=1&google_push=AZmPxg_EkuZEw1z9dDIoarMJS1c7FY3oYfG_HAWW3s5Z5_u-opPpXUeG0wGvmSXPjh-oipUjtT-z3BtdXzVQr4uQ4ZgdGhZ33Bcp1gs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_EkuZEw1z9dDIoarMJS1c7FY3oYfG_HAWW3s5Z5_u-opPpXUeG0wGvmSXPjh-oipUjtT-z3BtdXzVQr4uQ4ZgdGhZ33Bcp1gs

Request Chain 208

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF4LfMkc3yG_eBETmjyGUNw&google_cver=1&google_push=AZmPxg_Gwhg93t1UFzTqCvMSddqJSNe1klGz87ADq-ldDavmjCYz9aSkT1RcSrpmowhXhgq2wq2c1kd-yDfKtjn8dj3RNxCCiQCjzw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_Gwhg93t1UFzTqCvMSddqJSNe1klGz87ADq-ldDavmjCYz9aSkT1RcSrpmowhXhgq2wq2c1kd-yDfKtjn8dj3RNxCCiQCjzw&google_gid=CAESEF4LfMkc3yG_eBETmjyGUNw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzcyMTQ3NDA5NTQ4NTc4OTI0Mzg4&google_push=AZmPxg_Gwhg93t1UFzTqCvMSddqJSNe1klGz87ADq-ldDavmjCYz9aSkT1RcSrpmowhXhgq2wq2c1kd-yDfKtjn8dj3RNxCCiQCjzw

Request Chain 260

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGQbx9D2mq7cNM9HjCkRSH0&google_cver=1&google_push=AZmPxg_W80HouBSl4PT6_Jo0LYNpd-4gVeBp9i-CaxJaDqYBfatMAk_KodnpIJZrwA4T2mSyQ4QBqYBnI9KzP8xt6uintpIulwW62Q HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_W80HouBSl4PT6_Jo0LYNpd-4gVeBp9i-CaxJaDqYBfatMAk_KodnpIJZrwA4T2mSyQ4QBqYBnI9KzP8xt6uintpIulwW62Q&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Request Chain 262

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg--b8MEQvM-SJgArcBUD_AB-oF4LT5PS4ACT0CgOKw1ttlquPPuXzRMTX67mEzJDSduAV8Bk8bEz4uLsvsVhlzO1bq3u3e7Kg&google_gid=CAESEMCgFMpMIwE-bsmR4LzPzF4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg--b8MEQvM-SJgArcBUD_AB-oF4LT5PS4ACT0CgOKw1ttlquPPuXzRMTX67mEzJDSduAV8Bk8bEz4uLsvsVhlzO1bq3u3e7Kg&google_gid=CAESEMCgFMpMIwE-bsmR4LzPzF4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDAxNzIwNTM5Nzg2Ng%3D%3D&google_push=AZmPxg--b8MEQvM-SJgArcBUD_AB-oF4LT5PS4ACT0CgOKw1ttlquPPuXzRMTX67mEzJDSduAV8Bk8bEz4uLsvsVhlzO1bq3u3e7Kg

Request Chain 265

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBd-KJNbejDfnWKNO3iFwdU&google_cver=1&google_push=AZmPxg8yhhj4JXACi7gTCUi_FzTxw6lwZkNQAzdgwSl7jL5D08OA95cflipVKfOPdpHeTgH-0WOGxuZLAHMOBzvRFZ0xaePd2CzwoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3OVAtUy1KUk1a&google_push=AZmPxg8yhhj4JXACi7gTCUi_FzTxw6lwZkNQAzdgwSl7jL5D08OA95cflipVKfOPdpHeTgH-0WOGxuZLAHMOBzvRFZ0xaePd2CzwoA

Request Chain 266

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFfuT8fUG5kWOF03WewSXVI&google_cver=1&google_push=AZmPxg_QCQKgFMAz91Gxty5IPR6U1v5kqizbrvmIcUzxmzjeFSKS-Zr0nQ_ftlyrAteXau67fsxfT0vatWPcUHjnhPd4fCzXee4h HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFfuT8fUG5kWOF03WewSXVI&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg_QCQKgFMAz91Gxty5IPR6U1v5kqizbrvmIcUzxmzjeFSKS-Zr0nQ_ftlyrAteXau67fsxfT0vatWPcUHjnhPd4fCzXee4h

Request Chain 275

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO31QZW6XYm6T2Zb11IghQY&google_cver=1&google_push=AZmPxg9-Bd6lUYmd5PPsoRKUClQqSdr6KVbvXjVqvy0sqazj--up1aOawuG3OLwMDhoj6lSCm7d6rmsFx7lDWH_kZ5c_IE7tG54 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3QjktMjgtMlk1NA==&google_push=AZmPxg9-Bd6lUYmd5PPsoRKUClQqSdr6KVbvXjVqvy0sqazj--up1aOawuG3OLwMDhoj6lSCm7d6rmsFx7lDWH_kZ5c_IE7tG54

Request Chain 276

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELavPKFVq77-mjFbcWoHFHc&google_cver=1&google_push=AZmPxg8sWoXGXx8fmuUIwMwX8-5w6JEg614EmKSkslBnob-xMyBr_k-2nUCIO8OP-b7MXdNTLFscZzFtMtHqO52nkfpUjId3kIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELavPKFVq77-mjFbcWoHFHc&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg8sWoXGXx8fmuUIwMwX8-5w6JEg614EmKSkslBnob-xMyBr_k-2nUCIO8OP-b7MXdNTLFscZzFtMtHqO52nkfpUjId3kIg

Request Chain 285

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBxlj1La05JCAgsiBba9jJk&google_cver=1&google_push=AZmPxg9EfvnTsi8gNAdgfbH6g4JjgJQRUFswry67fHetYyKMHScxfhc2q-6S217iO_RBVgf2-XWW-mSZB_Zix9c4wvrhs60q8pJn HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9EfvnTsi8gNAdgfbH6g4JjgJQRUFswry67fHetYyKMHScxfhc2q-6S217iO_RBVgf2-XWW-mSZB_Zix9c4wvrhs60q8pJn&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Request Chain 286

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_HWVcdJcCapBYxSSGFe2Hi68gLMMc-avtDjTQCab-tn99CH21BvpNDZx8es2TzGn5PhTPHYA521e5b6YG4YhriThuSUjc-&google_gid=CAESEPnUWdMkD9VIHqfhnLqH_lY&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_HWVcdJcCapBYxSSGFe2Hi68gLMMc-avtDjTQCab-tn99CH21BvpNDZx8es2TzGn5PhTPHYA521e5b6YG4YhriThuSUjc-&google_gid=CAESEPnUWdMkD9VIHqfhnLqH_lY&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDAxMDcyMDUyNjc5Nw%3D%3D&google_push=AZmPxg_HWVcdJcCapBYxSSGFe2Hi68gLMMc-avtDjTQCab-tn99CH21BvpNDZx8es2TzGn5PhTPHYA521e5b6YG4YhriThuSUjc-

Request Chain 289

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsprMkqq8CY15EJwtZbKr8&google_cver=1&google_push=AZmPxg-V2Srk26BDSF7gT_Vm8Tnj6_Xv5pXgq1pth9LXPxqoJfT0CL062RdObozo-SGKfdfCdyaZQqnF3pd2f3r8wMkjUTNqV7Ib HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3Qk0tMVUtS1k0SQ==&google_push=AZmPxg-V2Srk26BDSF7gT_Vm8Tnj6_Xv5pXgq1pth9LXPxqoJfT0CL062RdObozo-SGKfdfCdyaZQqnF3pd2f3r8wMkjUTNqV7Ib

Request Chain 290

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBa_wxMUICgMXds8enwK4UY&google_cver=1&google_push=AZmPxg-nML1fhprM1zjbnek-e9ZZXoAqc8w_2dnKkQ1216rIEjRy3eaOYyijVmcDfO4NfAobdTUwisVkftCRvmmDOEcisQjzRio HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBa_wxMUICgMXds8enwK4UY&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-nML1fhprM1zjbnek-e9ZZXoAqc8w_2dnKkQ1216rIEjRy3eaOYyijVmcDfO4NfAobdTUwisVkftCRvmmDOEcisQjzRio

Request Chain 317

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COzmg-3lqPoCFbSW_QcdpxgIsQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bbf8b121-3a91-11ed-9471-2264f100ad21

Request Chain 322

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=bbecca41-3a91-11ed-945d-2266f18be32e&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1663863311_bbecca41-3a91-11ed-945d-2266f18be32e&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 326

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNnvg-3lqPoCFbic_QcdFwoH4w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bbf9c290-3a91-11ed-8c43-2239a2f90a87

Request Chain 331

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=bbfc3390-3a91-11ed-945d-2266f18be32e&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1663863311_bbfc3390-3a91-11ed-945d-2266f18be32e&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 332

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBu5XcCh06pTKP2dFo0luXc&google_cver=1&google_push=AZmPxg_jqB818wLsFjcMkBsavZWZj2Z3TTJfrB-h5C6kNi75PKdlIal12bzysZO1OLxSfKTdbAI21l-0V87-beJfrA998UgoCAqD HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_jqB818wLsFjcMkBsavZWZj2Z3TTJfrB-h5C6kNi75PKdlIal12bzysZO1OLxSfKTdbAI21l-0V87-beJfrA998UgoCAqD&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Request Chain 334

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-StSNGMCc0zsg5ozTOCtbqsJGOZUGFFU8mAd-6rw389V9sZKA2fpyiCRihaAv0ifjMTC7YPloMWa5S0CGri5UugCEz7Izk&google_gid=CAESELduXykusxsJrd1t98b-F48&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDA0OTg3NjA2MzQwMw%3D%3D&google_push=AZmPxg-StSNGMCc0zsg5ozTOCtbqsJGOZUGFFU8mAd-6rw389V9sZKA2fpyiCRihaAv0ifjMTC7YPloMWa5S0CGri5UugCEz7Izk

Request Chain 337

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPWv-McE6LJGWi76lH2wJlU&google_cver=1&google_push=AZmPxg9o4rz8xPvmZj9jDAy5w6_951KWm03iLKRT1Tc0NOEaY8hDtu50uNJ_iU9j6UhsHjab0yiMxT2JicipKEjx2HzgHTQ0JuXv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3TDYtRS1GQlE5&google_push=AZmPxg9o4rz8xPvmZj9jDAy5w6_951KWm03iLKRT1Tc0NOEaY8hDtu50uNJ_iU9j6UhsHjab0yiMxT2JicipKEjx2HzgHTQ0JuXv

Request Chain 338

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_cver=1&google_push=AZmPxg8HnF3PvFE5yJMy2dzqVKkQrwsdB0RA9q65HE32nWMTkbcIMrjlvbHZsmpPi5wdUiqEmk271NsDrKVp2N7g72ty4VsXTpo HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg8HnF3PvFE5yJMy2dzqVKkQrwsdB0RA9q65HE32nWMTkbcIMrjlvbHZsmpPi5wdUiqEmk271NsDrKVp2N7g72ty4VsXTpo

Request Chain 340

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 353

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBu5XcCh06pTKP2dFo0luXc&google_cver=1&google_push=AZmPxg-fvfTNkiPACa3HPhkzvMmOs_5pjn_SxAn3G5_zuIW9746_se3e0s2v1EZiZ9cohtHqJx3S9gCHkfKRohzvWso0d3hLlSiF HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-fvfTNkiPACa3HPhkzvMmOs_5pjn_SxAn3G5_zuIW9746_se3e0s2v1EZiZ9cohtHqJx3S9gCHkfKRohzvWso0d3hLlSiF&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Request Chain 357

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPWv-McE6LJGWi76lH2wJlU&google_cver=1&google_push=AZmPxg_w6ZeYz9kPv8YLjOvT8thAl1TlmC_QnqQWDi8Vqdt4PJgZr40KXA-oFzNki-laFbtMyes_JbSiB-PxMb2H6hrwBBtUn7Do HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3TVItTS1MMlNS&google_push=AZmPxg_w6ZeYz9kPv8YLjOvT8thAl1TlmC_QnqQWDi8Vqdt4PJgZr40KXA-oFzNki-laFbtMyes_JbSiB-PxMb2H6hrwBBtUn7Do

Request Chain 358

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_cver=1&google_push=AZmPxg-wvfKWuzjAoPXhs-IA8twkyeXcRsYIa7dTt_fp9daEYvfGdnoXd85YqKMNG_HD2arxtmEtIKFJXqvCJ52UctR-SYj6QN6S HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-wvfKWuzjAoPXhs-IA8twkyeXcRsYIa7dTt_fp9daEYvfGdnoXd85YqKMNG_HD2arxtmEtIKFJXqvCJ52UctR-SYj6QN6S

Request Chain 362

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 377

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIu-kO3lqPoCFTTLuwgdd-MK0g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022092218151176705956409X117679V1226132702MSviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&cons=0&spid=2022092218151176705956409X117679V1226132702MSviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&wfid=117679&partnerid=12218

Request Chain 380

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CNDAkO3lqPoCFXyd_QcdqA8FkQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022092218151176705956407X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 404

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKOHle3lqPoCFTTDuwgdpH0O5Q;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bc0b9ce1-3a91-11ed-94c6-223782b38f54

433 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.secretchina.com/
Redirect Chain

http://secretchina.com/
https://www.secretchina.com/

135 KB
29 KB

442ms
390ms

Document
text/html

2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d94de70e22272f5ca28a2235cc6bba15ad236cbd0f297f5c3e615800318468f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 74ec5669feb39951-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 22 Sep 2022 16:15:08 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 74ec566858869202-FRA
Connection: keep-alive
Content-Type: text/html
Date: Thu, 22 Sep 2022 16:15:07 GMT
Location: https://www.secretchina.com/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 homecommon_v20.css
www.secretchina.com/2017/css/ 29 KB
6 KB 20ms
20ms Stylesheet
text/css 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secretchina.com/2017/css/homecommon_v20.css

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db78a901e8db319d248a5eace31f8782f75fc74933daf07e8e6dcae93b0ce3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Apr 2022 19:50:41 GMT
server: cloudflare
age: 1443
etag: W/"62630711-a94c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-polished: origSize=43340
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 74ec566c7b3a9951-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
www.secretchina.com/fontawesome/css/ 26 KB
6 KB 29ms
28ms Stylesheet
text/css 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secretchina.com/fontawesome/css/font-awesome.min.css
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 4198604
etag: W/"5d37eb7f-685b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 74ec566c7b3d9951-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
46 KB 164ms
65ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-940314145

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbf537ba4b0de439c28e5a5224e0bf6a3adf935c721032367e46b9f6e9ee5ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46596
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 15:32:51 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Sep 2022 16:15:08 GMT

GET
H2 200 bg_banner_h1.jpg
www.secretchina.com/2017/images/ 67 KB
67 KB 22ms
19ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/bg_banner_h1.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb89e64898f73c735a6127109782b3674029fa3473b746685ba428a8e54d5766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 1443
etag: "5d37eb7f-1a910"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1800
cf-polished: degrade=85, origSize=108816, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
cf-ray: 74ec566cab889951-FRA
content-length: 68440
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217732a657625215-ss.jpg
img5.secretchina.com/pic/2022/9-22/ 16 KB
16 KB 42ms
24ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217732a657625215-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd6868432be69f0993949e38005e2b8ad544210bdc32aabe680fd6bd7ac0c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1320
cf-polished: qual=85, origFmt=jpeg, origSize=26557
content-disposition: inline; filename="p3217732a657625215-ss.webp"
content-length: 16186
last-modified: Thu, 22 Sep 2022 15:46:38 GMT
server: cloudflare
etag: "632c835e-67bd"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 15:50:35 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566ccbb69951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3105783a256801980-ss.jpg
img5.secretchina.com/pic/2022/3-3/ 34 KB
34 KB 50ms
32ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/3-3/p3105783a256801980-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0daa7a72d33617c769fcf92b8f1a13dcc3bd95fb1306d3cccbd4cf8d3168ebf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 9307
cf-polished: qual=85, origFmt=jpeg, origSize=122173
content-disposition: inline; filename="p3105783a256801980-ss.webp"
content-length: 34508
last-modified: Thu, 03 Mar 2022 08:37:51 GMT
server: cloudflare
etag: "62207e5f-1dd3d"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 13:33:11 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566ccbb99951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217652a730155693-ss.jpg
img5.secretchina.com/pic/2022/9-22/ 24 KB
24 KB 44ms
26ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217652a730155693-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35139e52e8748e48ba6cc57b279cbd9d520f163fca5456f1ba492fb670ff3284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 13131
cf-polished: qual=85, origFmt=jpeg, origSize=47333
content-disposition: inline; filename="p3217652a730155693-ss.webp"
content-length: 24426
last-modified: Thu, 22 Sep 2022 12:21:52 GMT
server: cloudflare
etag: "632c5360-b8e5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 12:22:40 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566ccbba9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3216972a701793332-ss.jpg
img5.secretchina.com/pic/2022/9-21/ 44 KB
44 KB 49ms
31ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-21/p3216972a701793332-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94731a704ac58784dd892e856d3469593ef02ea3e1eeabdc34abdf584c0d50a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 62948
cf-polished: qual=85, origFmt=jpeg, origSize=69700
content-disposition: inline; filename="p3216972a701793332-ss.webp"
content-length: 44798
last-modified: Wed, 21 Sep 2022 00:24:27 GMT
server: cloudflare
etag: "632a59bb-11044"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Tue, 18 Jul 2023 22:30:41 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566ccbb89951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 font-awesome.min.css
www.secretchina.com/fontawesome/css/ 0
6 KB 28ms
27ms Other
text/css 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secretchina.com/fontawesome/css/font-awesome.min.css
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 4198604
etag: W/"5d37eb7f-685b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 74ec566cab8a9951-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sprite2.png
www.secretchina.com/2017/images/ 202 KB
203 KB 25ms
25ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/sprite2.png

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/2017/css/homecommon_v20.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5017ad29559d761bb429ea2085e4aff5e28f65c78d1effefed01a60c45753f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/2017/css/homecommon_v20.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1443
cf-polished: origFmt=png, origSize=278631
content-disposition: inline; filename="sprite2.webp"
content-length: 207268
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-44067"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566cbb8f9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bg_banner_h2.png
www.secretchina.com/2017/images/ 8 KB
8 KB 25ms
25ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/bg_banner_h2.png

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/2017/css/homecommon_v20.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7076af8edcc49cb9dcd89531128333710112f3ba1dc9223fcc2b4b4a4c7547fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/2017/css/homecommon_v20.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 3541
cf-polished: origFmt=png, origSize=12179
content-disposition: inline; filename="bg_banner_h2.webp"
content-length: 8398
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-2f93"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566cbb909951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217641a803797746-ss.jpg
img5.secretchina.com/pic/2022/9-22/ 36 KB
36 KB 28ms
24ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217641a803797746-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a80b6106ad076c28110bd576bb5371b7aa92160509a8779daa934bea64f0712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 13977
cf-polished: qual=85, origFmt=jpeg, origSize=114594
content-disposition: inline; filename="p3217641a803797746-ss.webp"
content-length: 36570
last-modified: Thu, 22 Sep 2022 12:00:13 GMT
server: cloudflare
etag: "632c4e4d-1bfa2"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 12:01:03 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566dad299951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217622a900840657-ss.jpg
img5.secretchina.com/pic/2022/9-22/ 20 KB
20 KB 92ms
88ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217622a900840657-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48fc4c6cbcf1e761e48b4af0c0ec6fc0c6690874aaf73cc488288a0215792414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 17988
cf-polished: qual=85, origFmt=jpeg, origSize=32804
content-disposition: inline; filename="p3217622a900840657-ss.webp"
content-length: 20330
last-modified: Thu, 22 Sep 2022 11:06:31 GMT
server: cloudflare
etag: "632c41b7-8024"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 11:09:57 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566dad2a9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3000181a64210830-ss.jpg
img3.secretchina.com/pic/2021/9-5/ 31 KB
31 KB 134ms
41ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img3.secretchina.com/pic/2021/9-5/p3000181a64210830-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70ad80d1c3f67c5a927df30171b129fe3a633e8f25bde20424a364c5fb358da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 53113
cf-polished: degrade=85, origSize=36951, status=webp_bigger
content-length: 31350
last-modified: Sat, 04 Sep 2021 19:32:40 GMT
server: cloudflare
etag: "6133c9d8-9057"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Wed, 19 Jul 2023 01:19:26 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566e3e299951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p2967712a341811772-ss.jpg
img3.secretchina.com/pic/2021/7-8/ 25 KB
25 KB 133ms
40ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img3.secretchina.com/pic/2021/7-8/p2967712a341811772-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce0dc340e76e902222017578b86f00381a97a3c54aa1ac433b18f1c34675e634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 58563
cf-polished: qual=85, origFmt=jpeg, origSize=131564
content-disposition: inline; filename="p2967712a341811772-ss.webp"
content-length: 25260
last-modified: Thu, 08 Jul 2021 06:16:05 GMT
server: cloudflare
etag: "60e69825-201ec"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Tue, 18 Jul 2023 23:31:15 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566e3e2c9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3137382a945586109-ss.jpg
img5.secretchina.com/pic/2022/4-26/ 37 KB
37 KB 56ms
52ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/4-26/p3137382a945586109-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f581f89ff823429c2034395ed6a4fa2aad86916aebad46e4cc96dc6f126954f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 49334
cf-polished: qual=85, origFmt=jpeg, origSize=65046
content-disposition: inline; filename="p3137382a945586109-ss.webp"
content-length: 37672
last-modified: Tue, 26 Apr 2022 10:19:11 GMT
server: cloudflare
etag: "6267c71f-fe16"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 01:28:15 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566dad2c9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3215772a5708254-ss.jpg
img5.secretchina.com/pic/2022/9-18/ 64 KB
64 KB 28ms
25ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-18/p3215772a5708254-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ee06f62f16850514e81466ef3b01ce9a0d76e7a699274d76a0421420c400b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 11401
cf-polished: qual=85, origFmt=jpeg, origSize=86861
content-disposition: inline; filename="p3215772a5708254-ss.webp"
content-length: 65046
last-modified: Sun, 18 Sep 2022 09:11:21 GMT
server: cloudflare
etag: "6326e0b9-1534d"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 10:00:32 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566dad349951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3212901a638902569-ss.jpg
img5.secretchina.com/pic/2022/9-12/ 18 KB
18 KB 26ms
23ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-12/p3212901a638902569-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

928f6b3bbf417ce97e1c9445a39c11ddcff59e586f257cdb4910f3da8d85e23f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 110731
cf-polished: qual=85, origFmt=jpeg, origSize=119040
content-disposition: inline; filename="p3212901a638902569-ss.webp"
content-length: 18446
last-modified: Mon, 12 Sep 2022 09:26:37 GMT
server: cloudflare
etag: "631efb4d-1d100"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Tue, 18 Jul 2023 09:23:18 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566dad379951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3200691a477859962-ss.jpg
img5.secretchina.com/pic/2022/8-19/ 18 KB
19 KB 82ms
79ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/8-19/p3200691a477859962-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab43b82750f08cb0e29eb04770d88b2db804b2e0afec33600c5ca860b0aff8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 53835
cf-polished: qual=85, origFmt=jpeg, origSize=40632
content-disposition: inline; filename="p3200691a477859962-ss.webp"
content-length: 18856
last-modified: Fri, 19 Aug 2022 05:21:33 GMT
server: cloudflare
etag: "62ff1ddd-9eb8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 01:15:16 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566dad399951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pixel.gif
www.secretchina.com/styles/drupal/images/ 34 B
238 B 30ms
27ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secretchina.com/styles/drupal/images/pixel.gif
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
cf-cache-status: HIT
age: 653079
cf-polished: origFmt=gif, origSize=43
content-disposition: inline; filename="pixel.webp"
content-length: 34
pragma: public
last-modified: Wed, 24 Jul 2019 05:24:16 GMT
server: cloudflare
etag: "5d37eb80-2b"
vary: Accept
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 74ec566dad3a9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bg_headlines_h2.png
www.secretchina.com/2017/images/ 2 KB
2 KB 28ms
26ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/bg_headlines_h2.png

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/2017/css/homecommon_v20.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e97d1c4bccb2f5e94904254a1e2abfbf473a59ff424076faafd4a0908f64c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/2017/css/homecommon_v20.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1443
cf-polished: origFmt=png, origSize=13119
content-disposition: inline; filename="bg_headlines_h2.webp"
content-length: 1882
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-333f"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566dad3d9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bg_video_h22.jpg
www.secretchina.com/2017/images/ 2 KB
2 KB 33ms
32ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/bg_video_h22.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/2017/css/homecommon_v20.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2c15578d402aa9cfd3ebe10dc36b95090fad5a4f81344e0b77ffd0e1d1a2d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/2017/css/homecommon_v20.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 1761
etag: "5d37eb7f-6ccd"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1800
cf-polished: degrade=85, origSize=27853, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
cf-ray: 74ec566dbd4a9951-FRA
content-length: 1555
cf-bgj: imgq:85,h2pri

GET
H2 200 fontawesome-webfont.woff2
www.secretchina.com/fontawesome/fonts/ 63 KB
63 KB 33ms
32ms Font
application/font-woff2 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secretchina.com/fontawesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/fontawesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://www.secretchina.com/fontawesome/css/font-awesome.min.css
Origin: https://www.secretchina.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Sep 2022 16:15:08 GMT
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 4196277
etag: "5d37eb7f-fbd0"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 74ec566dad3f9951-FRA
content-length: 64464
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello.woff2
www.secretchina.com/2017/fonts/ 3 KB
3 KB 72ms
71ms Font
application/font-woff2 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secretchina.com/2017/fonts/fontello.woff2?26716866

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/2017/css/homecommon_v20.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ebc05861d6690e4e588f21d7eddd3538267931a4599dea310b5fb535ebe9602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www.secretchina.com/2017/css/homecommon_v20.css
Origin: https://www.secretchina.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 1442
etag: "5d37eb7f-cd8"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=1800
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
cf-ray: 74ec566dad419951-FRA
content-length: 3288

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 296ms
152ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ffcf3aff7299466635b70c8562870bd1853a859a488ad86d51b9a9da1e93a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27800
x-xss-protection: 0
server: sffe
etag: "1341 / 506 of 1000 / last-modified: 1663845016"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 22 Sep 2022 16:15:08 GMT

GET
H2 200 1d.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 49ms
41ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/1d.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2868d4a79fc4f9f4cf79e69bf6a0e5f60e9a205259075f096514be26b17333bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1762
cf-polished: qual=85, origFmt=jpeg, origSize=32623
content-disposition: inline; filename="1d.webp"
content-length: 2628
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-7f6f"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e3e2f9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 2.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 48ms
40ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/2.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6c0660a534027da674ddc11f8c2970c17dd96bf111649103b9f5c089eba4e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 453
cf-polished: qual=85, origFmt=jpeg, origSize=9308
content-disposition: inline; filename="2.webp"
content-length: 2918
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-245c"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e3e329951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 20037.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 53ms
28ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/20037.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b585a57221f6a06c9fc8f387c50521ce3ccd93f4cae528ba0bbfdde9cc59dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 5949
cf-polished: qual=85, origFmt=jpeg, origSize=8732
content-disposition: inline; filename="20037.webp"
content-length: 2906
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-221c"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f149951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 20164.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 53ms
29ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/20164.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff472beb03fc419e846da81d972be74882579ffbd1ee920a404b145acdf1f57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1762
cf-polished: qual=85, origFmt=jpeg, origSize=5398
content-disposition: inline; filename="20164.webp"
content-length: 2830
last-modified: Sat, 13 Nov 2021 18:20:44 GMT
server: cloudflare
etag: "619001fc-1516"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f169951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 20036.jpg
www.secretchina.com/2017/images/ 2 KB
3 KB 53ms
29ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/20036.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127166833879114664cdae4a72863088d40084c4145837a58d13021bf4af57ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 4639
cf-polished: qual=85, origFmt=jpeg, origSize=5250
content-disposition: inline; filename="20036.webp"
content-length: 2448
last-modified: Sat, 13 Nov 2021 18:20:44 GMT
server: cloudflare
etag: "619001fc-1482"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f1a9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 5.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 53ms
32ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/5.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

438be98bf60b7696afd59fba0aa8ec03b2890af7986e0a2d0c99d96669bed764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 453
cf-polished: qual=85, origFmt=jpeg, origSize=10202
content-disposition: inline; filename="5.webp"
content-length: 3330
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-27da"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f1e9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 9.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 52ms
30ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/9.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

538f7c7752504def5c4903458449025d0827ada6ee25ffe0f9cc8efd9038452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1761
cf-polished: qual=85, origFmt=jpeg, origSize=8640
content-disposition: inline; filename="9.webp"
content-length: 2596
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-21c0"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f1f9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 4.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 80ms
59ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/4.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79fd3c4a612676cfe51b579104ff56ee024be43f14c51a6c84ca569f2799a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1761
cf-polished: qual=85, origFmt=jpeg, origSize=9058
content-disposition: inline; filename="4.webp"
content-length: 2868
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-2362"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f209951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 48ms
31ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/6.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

566cf6379f6dd5e58f7630de3285135f945ba08376cc76f0be3c8966fc2e7ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1761
cf-polished: qual=85, origFmt=jpeg, origSize=9371
content-disposition: inline; filename="6.webp"
content-length: 2744
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-249b"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f229951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 8.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 47ms
31ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/8.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

739cd6e87c765fb38da617ec950af02f81a65828da89c59089dda152524982d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 4638
cf-polished: qual=85, origFmt=jpeg, origSize=10410
content-disposition: inline; filename="8.webp"
content-length: 3144
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-28aa"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f379951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 10.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 45ms
30ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/10.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42f1100954ec9fe34190bd640e4f72ae70707be29020cb9b9162eca77ade1540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1761
cf-polished: qual=85, origFmt=jpeg, origSize=9893
content-disposition: inline; filename="10.webp"
content-length: 3004
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-26a5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f3b9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 7.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 53ms
37ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/7.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6aca523f474928696e86017d3937e7994a04f3b643a9ead4b1306466a30c65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 4637
cf-polished: qual=85, origFmt=jpeg, origSize=8910
content-disposition: inline; filename="7.webp"
content-length: 2664
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-22ce"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f3c9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 11.jpg
www.secretchina.com/2017/images/ 3 KB
3 KB 83ms
68ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/11.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d350a927fe3af2e47158c3e76ba2c08e93e9f90f20bed535dc87a80c6ecfca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1761
cf-polished: qual=85, origFmt=jpeg, origSize=8854
content-disposition: inline; filename="11.webp"
content-length: 2714
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-2296"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f3d9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 12.jpg
www.secretchina.com/2017/images/ 2 KB
3 KB 44ms
30ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/12.jpg?new.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4570ddb70e94ca42497663daeb0352356c137ccde1bac94bc2cd9375869b220d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 1761
cf-polished: qual=85, origFmt=jpeg, origSize=8216
content-disposition: inline; filename="12.webp"
content-length: 2492
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-2018"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f3e9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 248ms
99ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1276641434651360

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48d3f1eea8eb991be984e7df1530f50765552a8c003c5b0a067faf3b8072cc3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Origin: https://www.secretchina.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58077
x-xss-protection: 0
server: cafe
etag: 7826035665191316123
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 16:15:08 GMT

GET
H2 200 kzgmembership_20210704-300x250.gif
www.secretchina.com/kzgd/ad/ 42 KB
42 KB 49ms
36ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/kzgd/ad/kzgmembership_20210704-300x250.gif

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5afed888d1c2c1ee7e27e82bb125a2e7bad609f8dbab2e82ea3b39263f846a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 4918
cf-polished: origFmt=gif, origSize=52256
content-disposition: inline; filename="kzgmembership_20210704-300x250.webp"
content-length: 42768
last-modified: Fri, 02 Jul 2021 00:45:07 GMT
server: cloudflare
etag: "60de6193-cc20"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566e9f3f9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 SYZP-ch-campaign2-300x250-v3.jpg
www.secretchina.com/ad/shenyun/2022/ 14 KB
14 KB 45ms
33ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secretchina.com/ad/shenyun/2022/SYZP-ch-campaign2-300x250-v3.jpg
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ea9e22c698cd73d76b50c68568bbc7d45b27befcaa78b18eed190317ab7124d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
cf-cache-status: HIT
age: 475395
cf-polished: qual=85, origFmt=jpeg, origSize=65668
content-disposition: inline; filename="SYZP-ch-campaign2-300x250-v3.webp"
content-length: 13984
pragma: public
last-modified: Sat, 17 Sep 2022 03:58:55 GMT
server: cloudflare
etag: "632545ff-10084"
vary: Accept
content-type: image/webp
expires: Fri, 14 Jul 2023 04:11:53 GMT
cache-control: public, max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566eaf589951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 tuidang2020.jpg
www.secretchina.com/ad/ 21 KB
21 KB 48ms
37ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secretchina.com/ad/tuidang2020.jpg
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad91c6bb69d1ee823cec3995bb19ca816f03a26453354b3cc40adced338269d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
cf-cache-status: HIT
age: 245581
cf-polished: qual=85, origFmt=jpeg, origSize=40875
content-disposition: inline; filename="tuidang2020.webp"
content-length: 21516
pragma: public
last-modified: Thu, 20 Aug 2020 04:28:02 GMT
server: cloudflare
etag: "5f3dfbd2-9fab"
vary: Accept
content-type: image/webp
expires: Sun, 16 Jul 2023 20:02:07 GMT
cache-control: public, max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566eaf5b9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 RFI_chinois-traditionel-rvb.png
www.secretchina.com/ad/ 1 KB
1 KB 57ms
46ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secretchina.com/ad/RFI_chinois-traditionel-rvb.png
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733207f5e543350f025af0bdc9887a602e96ab4b509b04fc1e897430274bd533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
cf-cache-status: HIT
age: 1807415
cf-polished: origFmt=png, origSize=4199
content-disposition: inline; filename="RFI_chinois-traditionel-rvb.webp"
content-length: 1344
pragma: public
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-1067"
vary: Accept
content-type: image/webp
expires: Wed, 28 Jun 2023 18:11:33 GMT
cache-control: public, max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566eaf5c9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 hadsgbb5.jpg
www.secretchina.com/2017/images/ 5 KB
5 KB 63ms
51ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/hadsgbb5.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86508c980dd7b8d5b446adf730b076703676dd73e018418fa28eab8bd806fe4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 2952
cf-polished: qual=85, origFmt=jpeg, origSize=45323
content-disposition: inline; filename="hadsgbb5.webp"
content-length: 5248
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-b10b"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566eaf5e9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 dn3010-300.jpg
www.secretchina.com/2017/ad2017/ 6 KB
6 KB 64ms
52ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/ad2017/dn3010-300.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1857569588d94b9d98ce5b638553d93053bd19eb4366c93b51439b03ddbf7fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 5949
cf-polished: qual=85, origFmt=jpeg, origSize=23541
content-disposition: inline; filename="dn3010-300.webp"
content-length: 5878
last-modified: Sat, 14 Dec 2019 16:26:28 GMT
server: cloudflare
etag: "5df50d34-5bf5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566eaf609951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 blank.gif
counter.secretchina.com/ 43 B
145 B 336ms
316ms Image
image/gif 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.secretchina.com/blank.gif
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
content-type: image/gif
cache-control: no-store
cf-ray: 74ec566ebf759951-FRA
content-length: 43

GET
H2 200 jquery.min.js Show response
www.secretchina.com/scripts/jquery/1.11.2/ 94 KB
33 KB 59ms
49ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secretchina.com/scripts/jquery/1.11.2/jquery.min.js
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 4198681
etag: W/"5d37eb7f-176bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 74ec566eaf419951-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.js Show response
www.secretchina.com/scripts/jqueryui/1.11.2/ 234 KB
63 KB 55ms
47ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secretchina.com/scripts/jqueryui/1.11.2/jquery-ui.min.js
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 4198681
etag: W/"5d37eb7f-3a7cc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 74ec566eaf429951-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugin.js Show response
www.secretchina.com/2017/js/ 69 KB
18 KB 60ms
52ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secretchina.com/2017/js/plugin.js

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e467476ba7643856db749705a0ed3d5e6d3ad96db189bf40ae48b85e74fe1fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 1835
etag: W/"5d37eb7f-117a2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-polished: origSize=71586
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 74ec566eaf459951-FRA
cf-bgj: minify

GET
H2 200 common.js Show response
www.secretchina.com/2017/js/ 3 KB
1 KB 39ms
31ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secretchina.com/2017/js/common.js

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce8abefd46a31ae13945b2f096b9a9f09459e4f78c9ebc0eb155a105f8c69c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 5950
etag: W/"5d37eb7f-118c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-polished: origSize=4492
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 74ec566eaf489951-FRA
cf-bgj: minify

GET
H2 200 LAB-init-v1.4.js Show response
www.secretchina.com/scripts/common/ 6 KB
3 KB 39ms
31ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secretchina.com/scripts/common/LAB-init-v1.4.js
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198c146d1a283aee0829516325381542a20b0c7b969850f47fe73c787739e3f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 4198681
etag: W/"5d37eb7f-176e"
vary: Accept-Encoding
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-polished: origSize=5998
cf-ray: 74ec566eaf499951-FRA
cf-bgj: minify

GET
H2 200 jquery.cookie.js Show response
www.secretchina.com/scripts/jquery/ 2 KB
945 B 65ms
58ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secretchina.com/scripts/jquery/jquery.cookie.js
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 829ad186198b945e530eaed93d543ba37a3ee36c4bd5cd5002c383920f5da8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 4198681
etag: W/"5d37eb7f-920"
vary: Accept-Encoding
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-polished: origSize=2336
cf-ray: 74ec566eaf4a9951-FRA
cf-bgj: minify

GET
H2 200 jquery.lazy.js Show response
www.secretchina.com/scripts/jquery/ 4 KB
2 KB 61ms
53ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secretchina.com/scripts/jquery/jquery.lazy.js
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e93c7cb6294ff3894e9c613e07259cbea3e3087cbf6187e806f42ba34c8a6fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 4198681
etag: W/"5d37eb7f-2d1f"
vary: Accept-Encoding
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-polished: origSize=11551
cf-ray: 74ec566eaf559951-FRA
cf-bgj: minify

GET
H2 200 application_v1.17.js Show response
www.secretchina.com/scripts/ 16 KB
5 KB 39ms
32ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secretchina.com/scripts/application_v1.17.js
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d082e72e93441dc851b93e7a1a3bd60fa6485def0c7247d8f4a3d73fa69587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 14 Oct 2021 15:24:11 GMT
server: cloudflare
age: 4198681
etag: W/"61684b9b-7ca8"
vary: Accept-Encoding
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-polished: origSize=31912
cf-ray: 74ec566eaf569951-FRA
cf-bgj: minify

GET
H2 200 ad_bottom_v2.js Show response
www.secretchina.com/2017/ads/3/ 3 KB
1 KB 52ms
45ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secretchina.com/2017/ads/3/ad_bottom_v2.js

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d03da595c6c699e32cceb251c4e071f40100ffd8af54f4b6194fc23f0a475e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
age: 1443
etag: W/"5d37eb7f-11f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-polished: origSize=4600
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 74ec566eaf619951-FRA
cf-bgj: minify

GET
H2 200 ad_home7.js Show response
www.secretchina.com/2017/ads/3/ 4 KB
945 B 42ms
34ms Script
application/javascript 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secretchina.com/2017/ads/3/ad_home7.js

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

902cdb5ec93a596170074a2b7323de782ad2b87f0ea0ffd02f8dd20684d36c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 28 Jun 2020 20:47:56 GMT
server: cloudflare
age: 1762
etag: W/"5ef901fc-11dc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-polished: origSize=4572
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-ray: 74ec566eaf639951-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
42 KB 67ms
59ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34047140-1

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00c754ef29dfe378afb1e05bc2f4425cbb65dd4d4a3e2b0ea0ff2e1a48d35418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43323
x-xss-protection: 0
expires: Thu, 22 Sep 2022 16:15:08 GMT

GET
H2 200 p3205981a547504920-ss.jpg
img5.secretchina.com/pic/2022/8-28/ 81 KB
81 KB 45ms
38ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/8-28/p3205981a547504920-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e14ac1dde40c374c7e07ea437dac3a735936a947ebaec6ab0cdb0b8c7f456339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 44781
cf-polished: qual=85, origFmt=jpeg, origSize=109513
content-disposition: inline; filename="p3205981a547504920-ss.webp"
content-length: 82446
last-modified: Sat, 27 Aug 2022 16:23:56 GMT
server: cloudflare
etag: "630a451c-1abc9"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 03:42:28 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566eaf659951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217437a853544745-ss.jpg
img5.secretchina.com/pic/2022/9-22/ 26 KB
26 KB 53ms
46ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217437a853544745-ss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad15f01955a4bac7a25be5b59162642cc0c0b03ec7dce7352d398e9ab51e0b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 33209
cf-polished: qual=85, origFmt=jpeg, origSize=93057
content-disposition: inline; filename="p3217437a853544745-ss.webp"
content-length: 26458
last-modified: Thu, 22 Sep 2022 01:37:22 GMT
server: cloudflare
etag: "632bbc52-16b81"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 06:07:38 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec566eaf699951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 WLoginButton_Simple-238.png
www.secretchina.com/kzgd/ad/ 9 KB
9 KB 58ms
55ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/kzgd/ad/WLoginButton_Simple-238.png

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/2017/css/homecommon_v20.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0c6c7552e7604e37627effc9888c151bcc6ff6ecdcb693813c96e66fd1fdaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/2017/css/homecommon_v20.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 6752
cf-polished: origFmt=png, origSize=13448
content-disposition: inline; filename="WLoginButton_Simple-238.webp"
content-length: 8960
last-modified: Wed, 05 Aug 2020 01:50:39 GMT
server: cloudflare
etag: "5f2a106f-3488"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566eaf709951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bg_banner_h2_01.png
www.secretchina.com/2017/images/ 7 KB
7 KB 52ms
51ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/bg_banner_h2_01.png

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/2017/css/homecommon_v20.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e808c8667c5e9214e0f4da8f409407221373ac3a86b62de782b13b1492aab028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/2017/css/homecommon_v20.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 4570
cf-polished: origFmt=png, origSize=20535
content-disposition: inline; filename="bg_banner_h2_01.webp"
content-length: 6726
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-5037"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec566eaf739951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 264ms
113ms Script
text/javascript 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-940314145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 16:15:08 GMT

GET
H2 200 p3217691a621384250-sss.jpg
img5.secretchina.com/pic/2022/9-22/ 13 KB
13 KB 36ms
29ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217691a621384250-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1386f72c4762f5ca640ecd2be0306526d2ab07406ad7fca1ffc4c492d970d8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 9305
cf-polished: degrade=85, origSize=16555, status=webp_bigger
content-length: 13352
last-modified: Thu, 22 Sep 2022 13:28:36 GMT
server: cloudflare
etag: "632c6304-40ab"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Wed, 19 Jul 2023 13:28:38 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56703a7b9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217681a839249893-sss.jpg
img5.secretchina.com/pic/2022/9-22/ 14 KB
14 KB 31ms
24ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217681a839249893-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cafd00f0d8d407cbcdf16218b2f8ba83f57c830003875b114ab2e51006da4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12315
cf-polished: degrade=85, origSize=18421, status=webp_bigger
content-length: 14117
last-modified: Thu, 22 Sep 2022 12:32:49 GMT
server: cloudflare
etag: "632c55f1-47f5"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Wed, 19 Jul 2023 12:32:50 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56703a7d9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217671a396127471-sss.jpg
img5.secretchina.com/pic/2022/9-22/ 14 KB
15 KB 33ms
26ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217671a396127471-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82a44d888b5ac1fb59510e918927655f721973faf02da75315d2675582f5f626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12315
cf-polished: degrade=85, origSize=18476, status=webp_bigger
content-length: 14738
last-modified: Thu, 22 Sep 2022 12:32:40 GMT
server: cloudflare
etag: "632c55e8-482c"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Wed, 19 Jul 2023 12:32:41 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56703a809951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217661a690689837-sss.jpg
img5.secretchina.com/pic/2022/9-22/ 15 KB
15 KB 32ms
25ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217661a690689837-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8db8a02c2c9339160146ebe57a345b1f5791a6076c14dfcaadef211935ff2117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12984
cf-polished: degrade=85, origSize=18676, status=webp_bigger
content-length: 15014
last-modified: Thu, 22 Sep 2022 12:27:56 GMT
server: cloudflare
etag: "632c54cc-48f4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Wed, 19 Jul 2023 12:27:57 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56703a819951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217601a474817267-sss.jpg
img5.secretchina.com/pic/2022/9-22/ 10 KB
10 KB 37ms
31ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217601a474817267-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a5cb930efcce8102297188813b8c2e1c7bea204a166f3a56ca3e193c6454d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 19501
cf-polished: qual=85, origFmt=jpeg, origSize=18212
content-disposition: inline; filename="p3217601a474817267-sss.webp"
content-length: 10222
last-modified: Thu, 22 Sep 2022 10:37:04 GMT
server: cloudflare
etag: "632c3ad0-4724"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Wed, 19 Jul 2023 10:37:05 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56703a849951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217591a39031691-sss.jpg
img5.secretchina.com/pic/2022/9-22/ 14 KB
14 KB 36ms
30ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217591a39031691-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

267bef73fd1873ec46f7a5827c2d313696a1acf7b38a192398ab38bc49982a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 22530
cf-polished: degrade=85, origSize=17064, status=webp_bigger
content-length: 13828
last-modified: Thu, 22 Sep 2022 09:48:53 GMT
server: cloudflare
etag: "632c2f85-42a8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Wed, 19 Jul 2023 09:48:54 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56703a869951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217551a297757294-sss.jpg
img5.secretchina.com/pic/2022/9-22/ 12 KB
13 KB 51ms
27ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217551a297757294-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5af3e29a96c87ca5bbce0d15ee3cf0c58c2d16e65ca06447d4797d4908f91533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 24764
cf-polished: degrade=85, origSize=15617, status=webp_bigger
content-length: 12695
last-modified: Thu, 22 Sep 2022 09:12:50 GMT
server: cloudflare
etag: "632c2712-3d01"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Wed, 19 Jul 2023 09:12:51 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56708b0d9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217371a405311981-sss.jpg
img5.secretchina.com/pic/2022/9-22/ 11 KB
11 KB 51ms
27ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-22/p3217371a405311981-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f25bd55b3eb354ec37ee11a21c70fc84b2ef9ba91d66c1c3be0a6caa1768d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 59073
cf-polished: qual=85, origFmt=jpeg, origSize=19424
content-disposition: inline; filename="p3217371a405311981-sss.webp"
content-length: 11076
last-modified: Wed, 21 Sep 2022 23:42:15 GMT
server: cloudflare
etag: "632ba157-4be0"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Tue, 18 Jul 2023 23:42:15 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56708b119951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217231a630398815-sss.jpg
img5.secretchina.com/pic/2022/9-21/ 11 KB
11 KB 50ms
29ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-21/p3217231a630398815-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc49c8638e9deb8d9bf42e600d6df0882c4ae92a12b89680a441495a603baaae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 90919
cf-polished: degrade=85, origSize=17688, status=webp_bigger
content-length: 11254
last-modified: Wed, 21 Sep 2022 14:43:51 GMT
server: cloudflare
etag: "632b2327-4518"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Tue, 18 Jul 2023 14:43:53 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56709b219951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217081a121658696-sss.jpg
img5.secretchina.com/pic/2022/9-21/ 14 KB
14 KB 44ms
24ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-21/p3217081a121658696-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a349b855f893db532ed1e918862f3ef7a7a2aa93646520e2259a063a71c53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 101515
cf-polished: degrade=85, origSize=18219, status=webp_bigger
content-length: 14589
last-modified: Wed, 21 Sep 2022 11:49:13 GMT
server: cloudflare
etag: "632afa39-472b"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Tue, 18 Jul 2023 11:49:14 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56709b229951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217071a162711099-sss.jpg
img5.secretchina.com/pic/2022/9-21/ 14 KB
15 KB 39ms
19ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-21/p3217071a162711099-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b272ebd77102be3d01933ba453145a96b7185b4907a3557bb61f6286cf95ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 101795
cf-polished: degrade=85, origSize=18319, status=webp_bigger
content-length: 14666
last-modified: Wed, 21 Sep 2022 11:43:54 GMT
server: cloudflare
etag: "632af8fa-478f"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Tue, 18 Jul 2023 11:43:55 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56709b279951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217061a155533570-sss.jpg
img5.secretchina.com/pic/2022/9-21/ 15 KB
15 KB 43ms
28ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-21/p3217061a155533570-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c47a40d6072d5ef93b506714a9ae678e62cb5c57602d519dbbc0515cae1e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 101795
cf-polished: degrade=85, origSize=18457, status=webp_bigger
content-length: 14848
last-modified: Wed, 21 Sep 2022 11:40:46 GMT
server: cloudflare
etag: "632af83e-4819"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Tue, 18 Jul 2023 11:40:47 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec56709b289951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217031a600431318-sss.jpg
img5.secretchina.com/pic/2022/9-21/ 13 KB
13 KB 30ms
25ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-21/p3217031a600431318-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c52d8201af3bcfb7245fad3aefb2d3503320b4c896cd4547aad215ad8063686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 111013
cf-polished: degrade=85, origSize=16996, status=webp_bigger
content-length: 13151
last-modified: Wed, 21 Sep 2022 09:10:54 GMT
server: cloudflare
etag: "632ad51e-4264"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Tue, 18 Jul 2023 09:10:55 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec5670cb809951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217021a554514288-sss.jpg
img5.secretchina.com/pic/2022/9-21/ 14 KB
14 KB 53ms
48ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-21/p3217021a554514288-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26b8bd6c401570a6b7af50e1df34c65c285d12303ac9b04c54481233b0afa638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 111459
cf-polished: degrade=85, origSize=17762, status=webp_bigger
content-length: 14278
last-modified: Wed, 21 Sep 2022 09:10:37 GMT
server: cloudflare
etag: "632ad50d-4562"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Tue, 18 Jul 2023 09:10:38 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec5670cb829951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3217221a693928115-sss.jpg
img5.secretchina.com/pic/2022/9-21/ 9 KB
10 KB 29ms
26ms Image
image/jpeg 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-21/p3217221a693928115-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fde4d4d6b7dd282a87c1897ff499d712a7e9d6d263f41651675ac43a3bc4f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 89375
cf-polished: degrade=85, origSize=15473, status=webp_bigger
content-length: 9601
last-modified: Wed, 21 Sep 2022 14:36:22 GMT
server: cloudflare
etag: "632b2166-3c71"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
expires: Tue, 18 Jul 2023 14:36:23 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec5670cb869951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3124561a904842192-sss.jpg
img5.secretchina.com/pic/2022/4-3/ 8 KB
9 KB 25ms
22ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/4-3/p3124561a904842192-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

855b7c8b4b4aab871e9b6abc3d52078ae7573e5e46a945dbbb8fcb7727d93b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 104059
cf-polished: qual=85, origFmt=jpeg, origSize=14116
content-disposition: inline; filename="p3124561a904842192-sss.webp"
content-length: 8540
last-modified: Sun, 03 Apr 2022 02:40:24 GMT
server: cloudflare
etag: "62490918-3724"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Tue, 18 Jul 2023 07:42:23 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec5670cb879951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 p3216871a806876895-sss.jpg
img5.secretchina.com/pic/2022/9-21/ 10 KB
10 KB 28ms
25ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img5.secretchina.com/pic/2022/9-21/p3216871a806876895-sss.jpg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

472d12ac7eb0e516b0656fd74f66ee06ae5a8591e4ab040f35722b71ca6eea70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 158007
cf-polished: qual=85, origFmt=jpeg, origSize=16157
content-disposition: inline; filename="p3216871a806876895-sss.webp"
content-length: 10356
last-modified: Tue, 20 Sep 2022 20:03:53 GMT
server: cloudflare
etag: "632a1ca9-3f1d"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
expires: Mon, 17 Jul 2023 20:03:53 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 74ec5670cb889951-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 84ms
82ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34047140-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-940314145

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4afd9aca73a61decc1adaf5ea0d8da19862ea1c088b5946fe78c51fd0061c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42283
x-xss-protection: 0
expires: Thu, 22 Sep 2022 16:15:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
44 KB 57ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-WLDDBGZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-940314145

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dce8bab583656b27d41ee90b6fcc33e5b38f7ec7b937ecee92fdfde5553e6119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45234
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 15:32:51 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Sep 2022 16:15:08 GMT

GET
H2 200 sprite.png
www.secretchina.com/2017/images/ 202 KB
203 KB 36ms
18ms Image
image/webp 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secretchina.com/2017/images/sprite.png

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/2017/css/homecommon_v20.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5017ad29559d761bb429ea2085e4aff5e28f65c78d1effefed01a60c45753f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/2017/css/homecommon_v20.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
vary: Accept
cf-cache-status: HIT
age: 4570
cf-polished: origFmt=png, origSize=278631
content-disposition: inline; filename="sprite.webp"
content-length: 207268
last-modified: Wed, 24 Jul 2019 05:24:15 GMT
server: cloudflare
etag: "5d37eb7f-44067"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec56708b0b9951-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 agn.html Show response
www.secretchina.com/account/ 1 B
327 B 27ms
19ms XHR
text/plain 2606:4700:10::6814:4e9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secretchina.com/account/agn.html

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/scripts/jquery/1.11.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:4e9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.secretchina.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1440
vary: Accept-Encoding
content-length: 1
last-modified: Thu, 22 Sep 2022 15:51:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 74ec5670cb7e9951-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, X-PINGOTHER, Accept-Encoding, X-CSRF-Token, Authorization
expires: Thu, 22 Sep 2022 16:01:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 216ms
82ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/2017/ads/3/ad_bottom_v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1895630dd470cf7cec36822c5d6367191d530ee9979fc72f0bb96a79da4122c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27800
x-xss-protection: 0
server: sffe
etag: "1341 / 607 of 1000 / last-modified: 1663845016"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 22 Sep 2022 16:15:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
73 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-REM371LJ0Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34047140-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e41fc1bae872b2a5362f6be4747810651d0d5a6451b060d77fdf753d706fdb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75120
x-xss-protection: 0
expires: Thu, 22 Sep 2022 16:15:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 107ms
31ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34047140-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4389
date: Thu, 22 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 22 Sep 2022 17:02:00 GMT

GET
H3 200 pubads_impl_2022092001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 149ms
48ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131075
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 11:01:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 214 B
159 B 168ms
71ms XHR
application/json 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.secretchina.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

803a9ee603cec5aa5667a1e2c519546306fd9c80e24bd2077ae4db3c6b1a3a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134
x-xss-protection: 0
expires: Thu, 22 Sep 2022 16:15:09 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 202ms
100ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1276641434651360&plah=www.secretchina.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1276641434651360

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

867c8a88d02e093991da07c498200ac5160e9eb8f7c1846b96b69dab46bc1fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124742
x-xss-protection: 0
server: cafe
etag: 13444213006216614941
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 16:15:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/ Frame 9C9C 10 KB
5 KB 75ms
51ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1276641434651360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 21:33:16 GMT
etag: 9671129459699598864
expires: Wed, 05 Oct 2022 21:33:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/940314145/ 3 KB
1 KB 106ms
106ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940314145/?random=1663863309117&cv=9&fst=1663863309117&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.secretchina.com%2F&tiba=%E7%9C%8B%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E5%8D%B3%E6%97%B6%E6%96%B0%E9%97%BB%20-%20%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%20-%20%E6%B5%B7%E5%A4%96%E5%8D%8E%E4%BA%BA%20-%20%E5%86%85%E5%B9%95%E6%96%B0%E9%97%BB%20-%20%E5%8E%86%E5%8F%B2&auid=226597933.1663863309&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38537685dc69434985639cca9d6d200a2f3530f302c7863a2cd56bf46ead5b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 106ms
37ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=40775171&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secretchina.com%2F&ul=en-us&de=UTF-8&dt=%E7%9C%8B%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E5%8D%B3%E6%97%B6%E6%96%B0%E9%97%BB%20-%20%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%20-%20%E6%B5%B7%E5%A4%96%E5%8D%8E%E4%BA%BA%20-%20%E5%86%85%E5%B9%95%E6%96%B0%E9%97%BB%20-%20%E5%8E%86%E5%8F%B2%E7%A7%98%E9%97%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1719474603&gjid=1207041607&cid=1254467972.1663863309&tid=UA-34047140-1&_gid=1011911951.1663863309&_r=1&gtm=2ou9l0&z=1252088587

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secretchina.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secretchina.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
341 B 128ms
41ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-REM371LJ0Y&gtm=2oe9l0&_p=40775171&cid=1254467972.1663863309&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663863309&sct=1&seg=0&dl=https%3A%2F%2Fwww.secretchina.com%2F&dt=%E7%9C%8B%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E5%8D%B3%E6%97%B6%E6%96%B0%E9%97%BB%20-%20%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%20-%20%E6%B5%B7%E5%A4%96%E5%8D%8E%E4%BA%BA%20-%20%E5%86%85%E5%B9%95%E6%96%B0%E9%97%BB%20-%20%E5%8E%86%E5%8F%B2%E7%A7%98%E9%97%BB&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-REM371LJ0Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secretchina.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/940314145/ 42 B
548 B 191ms
74ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/940314145/?random=1663863309117&cv=9&fst=1663862400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.secretchina.com%2F&tiba=%E7%9C%8B%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E5%8D%B3%E6%97%B6%E6%96%B0%E9%97%BB%20-%20%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%20-%20%E6%B5%B7%E5%A4%96%E5%8D%8E%E4%BA%BA%20-%20%E5%86%85%E5%B9%95%E6%96%B0%E9%97%BB%20-%20%E5%8E%86%E5%8F%B2&async=1&fmt=3&is_vtc=1&random=2914759728&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/940314145/ 42 B
548 B 139ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/940314145/?random=1663863309117&cv=9&fst=1663862400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.secretchina.com%2F&tiba=%E7%9C%8B%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E5%8D%B3%E6%97%B6%E6%96%B0%E9%97%BB%20-%20%E4%B8%AD%E5%9B%BD%E6%96%B0%E9%97%BB%20-%20%E6%B5%B7%E5%A4%96%E5%8D%8E%E4%BA%BA%20-%20%E5%86%85%E5%B9%95%E6%96%B0%E9%97%BB%20-%20%E5%8E%86%E5%8F%B2&async=1&fmt=3&is_vtc=1&random=2914759728&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-34047140-1&cid=1254467972.1663863309&jid=1719474603&gjid=1207041607&_gid=1011911951.1663863309&_u=YEBAAUAAAAAAAC~&z=2137787325

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secretchina.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Sep 2022 16:15:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.secretchina.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 132ms
85ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-34047140-1&cid=1254467972.1663863309&jid=1719474603&_u=YEBAAUAAAAAAAC~&z=264873327

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 99ms
82ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-34047140-1&cid=1254467972.1663863309&jid=1719474603&_u=YEBAAUAAAAAAAC~&z=264873327

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 161ms
50ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.secretchina.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 200ms
72ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.secretchina.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
79ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=1944477135176017&vrg=2022092001&nw_id=113758970&nslots=7&eid=31068928%2C31069792%2C31062931&pub_url=https%3A%2F%2Fwww.secretchina.com%2F&sig=0&req=0&req_cnt=7&dm=8

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 401ms
388ms XHR
text/plain 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1944477135176017&correlator=2072666472021803&eid=31068928%2C31069792%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=113758970%2C226-index_mid_02_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=3933966986&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663863309399&lmt=1663863309&dlt=1663863308233&idt=1086&adxs=301&adys=224&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.secretchina.com%2F&frm=20&vis=1&psz=930x90&msz=930x90&fws=4&ohw=930&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fdf01239a6b029934043e6139398024aa4c1423ca27e1a2e4f78b5d3f87b597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10591
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.secretchina.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 734ms
711ms XHR
text/plain 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1944477135176017&correlator=2072666472021803&eid=31068928%2C31069792%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=113758970%2C203_index_mid_01_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=135232533&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663863309412&lmt=1663863309&dlt=1663863308233&idt=1086&adxs=301&adys=1063&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.secretchina.com%2F&frm=20&vis=1&psz=930x90&msz=930x90&fws=4&ohw=930&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23a45d2de13262a908d1fddee18d1bf78240c4772eeb660cb5e81608e18465b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11984
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.secretchina.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 929ms
904ms XHR
text/plain 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1944477135176017&correlator=2072666472021803&eid=31068928%2C31069792%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=113758970%2Cindex-2021-mid-728&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=1343324166&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663863309419&lmt=1663863309&dlt=1663863308233&idt=1086&adxs=301&adys=2616&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.secretchina.com%2F&frm=20&vis=1&psz=930x90&msz=930x90&fws=4&ohw=930&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5352ccf08f34afdab201e48bb1de006ed4321ecaeed67f4cb4defad85b3be7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11872
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.secretchina.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 1071ms
1047ms XHR
text/plain 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1944477135176017&correlator=2072666472021803&eid=31068928%2C31069792%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=113758970%2Cindex_2021_end728&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&adks=1828371246&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663863309421&lmt=1663863309&dlt=1663863308233&idt=1086&adxs=301&adys=4593&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.secretchina.com%2F&frm=20&vis=1&psz=930x90&msz=930x90&fws=4&ohw=930&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73a86c3613fe501f70617a18d4a156671f852fb75f8955b20d5e1e4837e9cfc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11968
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.secretchina.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 578ms
554ms XHR
text/plain 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1944477135176017&correlator=1240888925023581&eid=31068928%2C31069792%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=113758970%2CSC_29_Home_Top728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=7&adks=1129227376&sfv=1-0-38&fsapi=false&eri=1&cust_params=domain%3Dwww&sc=1&cookie_enabled=1&abxe=1&dt=1663863309423&lmt=1663863309&dlt=1663863308233&idt=1086&adxs=200&adys=224&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.secretchina.com%2F&frm=20&vis=1&psz=1200x4551&msz=1200x0&fws=0&ohw=0&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

491ab785d4783060084da7bea1a6b046ae825f9648a882829bde79e7879eb276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10610
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.secretchina.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 330ms
305ms XHR
text/plain 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1944477135176017&correlator=923987962484285&eid=31068928%2C31069792%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=113758970%2CSC_33_HomeBL_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=2614889919&sfv=1-0-38&fsapi=false&eri=1&cust_params=domain%3Dwww&sc=1&cookie_enabled=1&abxe=1&dt=1663863309426&lmt=1663863309&dlt=1663863308233&idt=1086&adxs=301&adys=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.secretchina.com%2F&frm=20&vis=1&psz=930x0&msz=930x0&fws=4&ohw=930&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b8ca5fafc31bb13e15cb7e25f6b75e803d3e37bd4553d1a0e09bbcefbf6328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11572
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.secretchina.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 305ms
281ms XHR
text/plain 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1944477135176017&correlator=132927873637631&eid=31068928%2C31069792%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=113758970%2CSC_57_footer_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=9&adks=3143384693&sfv=1-0-38&fsapi=false&eri=1&cust_params=domain%3Dwww&sc=1&cookie_enabled=1&abxe=1&dt=1663863309428&lmt=1663863309&dlt=1663863308233&idt=1086&adxs=436&adys=4775&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.secretchina.com%2F&frm=20&vis=1&psz=1600x0&msz=0x0&fws=0&ohw=0&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

642ada83ca98d3d5b2b326999a9af8fabb7598d9bf50801411af313a6ef1aee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11929
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.secretchina.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4522 6 KB
4 KB 323ms
80ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:09 GMT
expires: Fri, 22 Sep 2023 16:15:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
646 B 117ms
37ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.secretchina.com&callback=_gfp_s_&client=ca-pub-1276641434651360

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1276641434651360&plah=www.secretchina.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

fc2c758ce5e5368aec458bc18bb4d8c625b81d1048ca01280830e9d438b371b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 80ms
79ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.secretchina.com%2F&tn=DIV&id=cookieConsent&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E4B 276 KB
68 KB 554ms
454ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&adk=1812271804&adf=3025194257&lmt=1663863309&plat=1%3A16777216%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.secretchina.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309073&bpp=5&bdt=841&idt=409&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4919006936931&frm=20&pv=2&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=435

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e26784d9a26af8520ef485c1040abb0d613063d08f5b4f01e9e4ab96a3ad1ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 70066
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:09 GMT
expires: Thu, 22 Sep 2022 16:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7EF 26 KB
12 KB 429ms
347ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&h=250&slotname=8643744899&adk=4247685595&adf=2077365685&pi=t.ma~as.8643744899&w=300&lmt=1663863309&psa=0&format=300x250&url=https%3A%2F%2Fwww.secretchina.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309078&bpp=2&bdt=846&idt=441&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4919006936931&frm=20&pv=1&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=832&ady=3983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JcYJJHeZW2&p=https%3A//www.secretchina.com&dtd=448

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee06ac69de1f1b1b31908cab4c57ae12c5e94f8f38fcb6b1a1b740b1cb9df99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11938
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:09 GMT
expires: Thu, 22 Sep 2022 16:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E6B3 6 KB
3 KB 49ms
49ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:09 GMT
expires: Fri, 22 Sep 2023 16:15:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6733 6 KB
3 KB 147ms
51ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:09 GMT
expires: Fri, 22 Sep 2023 16:15:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame 85B9 220 KB
61 KB 194ms
48ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 85B9 14 KB
5 KB 278ms
134ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 85B9 94 KB
28 KB 281ms
136ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 85B9 5 KB
2 KB 301ms
156ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 85B9 40 KB
13 KB 302ms
158ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
DATA 200
OK truncated
/ Frame 85B9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eff806571321e3914780a7f927c7931c1a6844da3559aa4359ae3411cdbaa40f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9698825634230782411
tpc.googlesyndication.com/simgad/ Frame 85B9 37 KB
37 KB 131ms
44ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9698825634230782411?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk5SRLv3h7RBvWwgZNLXGdob7kqNw

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9933db16b59d87e8491b38586122494440569cd29bbcab8977e3679cb494e98f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:03:02 GMT
x-content-type-options: nosniff
age: 29527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37391
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 16:35:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Sep 2023 08:03:02 GMT

GET
H2 200 zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 85B9 3 KB
3 KB 176ms
89ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:01:49 GMT
x-content-type-options: nosniff
server: cafe
age: 69200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 12051390396603846657
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3217
x-xss-protection: 0
expires: Thu, 22 Sep 2022 21:01:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 85B9 344 B
474 B 175ms
88ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:36:15 GMT
x-content-type-options: nosniff
server: cafe
age: 23934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 23 Sep 2022 09:36:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 85B9 0
0 168ms
68ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDZW7UCIh6BL_pKa3LfKvjQtwXUjDQGXIfG8MRoe12gi60XfadicunO2mCbJvqZLpojFc1kSIGmk72Kszrbz5ysmW-Hw
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 85B9 0
0 94ms
93ms Image
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiRDrDYosY-6-HqPJ3gOxxqCIBN7nu5Rs8fDd_qEQ6Kq2lYsDEAEghLWYF2CV4pCCoAegAY2h05kDyAEC4AIAqAMByAMIqgSKAk_QdRvt3FajZ5V9vYWXlW6geYCQXEeArj20bmWOS8kw6FtJKalT_Z9qFd7DYNxNzRz2Zk52j6gMFnzu4a6hdqwjQ22lNuRzdRqV5wzcoGZtDuZ1crUNdLr-3L7xnQKZOmM3xyhUlyU1INfNC3qSh6p3IDF7jCHZ1y9jee6BMpC1I1SBgA57qpzu_ZmDFhwv710eUuict0mNaDYkkgCxWOP6HW0rFwalKFXZrA3TlzJFLrh41MBdVOWKl2Jsg1p3keJ-Ye5SLmxysNEpnEREzNfbHjXbiQZF4umtxNxeCaN2evEubKh00IQKBq89g_VtmhzAOYmNLiiWrqdCz9NhPLOsgBj_dws4vuXIwASQqaT3lATgBAGSBQQIBBgBkgUECAUYBKAGAoAH296sZqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIGlAtIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB2BMN0BUBgBcBshceChwIABIUcHViLTEyNzY2NDE0MzQ2NTEzNjAY6qMa&sigh=MjgCHFXXxMU&uach_m=[UACH]
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E6B3 0
0 110ms
109ms Fetch
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsKuCDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkAJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ_PZmR4pJu_wxWV5FPAHcBlcjAaGDcEU2z9EE1KaWtCX09br9oj8OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMjc2NjQxNDM0NjUxMzYwGOqjGg&sigh=9TK2jHnB_To&uach_m=[UACH]&cid=CAQSOwCsnQUxpnpxDu5SUHwdhOe6qspGlGlGbHFpQssSxSKqupjT4g26hPh_OCBuxq4hgT3C-dL_gxXjg6ApGAE
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E6B3 0
0 230ms
148ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h40a7f1scm4eys9rxsx8nqrsdyny65gabd7z12rvgp7whqsfc7xd6xkgam9w7v9c8s2zth0x6adr4exwv1tgf4x2mafatfw5p5rvyaheq4897vqcz62xqz3md4w37ryznj4sxj35shdhzedpqj84jvp92cxph6vq68v5dmk8csrjrnknbyxwkarrfyywx456rx4k5hdaft1safmh6dj33xveda286nzww993x53k9e8rn6qp7e03cvw60w3cpq5w412w7bh4erdfmrh8ccee36f81xd3z2vhab2bq82x2m164b2wrg88ecnv4f0y8skv78xkd304p3sph2h3shdercen0vzxs405ra6ahrfwf0zjt2brqjrj7zj2tvaksqr33gt4a6bs6y05w203sa643r&b=YyyKDQAH_3YKd7cMAA8HhRUnkW32iVjjTQekww
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A958 2 KB
3 KB 96ms
40ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k18xfz2q6qky9x7phpjs314xay6barkah7ycbj4b2pk2yzr26dmfxecr4tw5qstbw1dxrsd2388ed6kw7f36yetxgb4kt8f01mfqs98sqjvq05fcpjtp143d22x4rkzrqmjgkpk9v54eyn396c3ewnnbfh2dn30g3ccf7x7b31kg9bgvnhmzv4bp5mkcya3snjf0rnwkj4m6g62g2zkf2qf00bpfj5x03z0x4n5y3qph5skc33f57y0wjr5zq88nbn29qch4gez1p3b3k9ym4hr4a0jbqway3keg353rf8ypb3zhxay33st3zhbg8sfycgdqmbntd3tmv2q65c5ej1scd301ch8h0xcs2k73sdm41871t7ypa8bhy53393e4hq8ypnk2zs0786kcb9sfs69eqnh94p1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%26client%3Dca-pub-1276641434651360%26adurl%3D

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b5b42dcee2d01db3cc335da9dec2039688f8278014a7b876faec10248a676be

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec56777fb4bbcd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame E6B3 3 KB
2 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 16:07:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C879 1 KB
749 B 49ms
48ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame E6B3 17 KB
7 KB 95ms
93ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 16:12:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E6B3 0
0 81ms
69ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXfYoZzVpWK5QFeP5Z3y5V7BaZTL72PDY8kkwONxLptIcERzaf8r-bK3XZOUw3dIzpKooug5Ge1Rd-8G1Nvm86luR27Q
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E6B3 22 KB
7 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 07:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 07:13:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6B3 140 KB
44 KB 118ms
117ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:15:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame E7EF 3 KB
1 KB 82ms
80ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&h=250&slotname=8643744899&adk=4247685595&adf=2077365685&pi=t.ma~as.8643744899&w=300&lmt=1663863309&psa=0&format=300x250&url=https%3A%2F%2Fwww.secretchina.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309078&bpp=2&bdt=846&idt=441&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4919006936931&frm=20&pv=1&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=832&ady=3983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JcYJJHeZW2&p=https%3A//www.secretchina.com&dtd=448

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 16:07:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame E7EF 17 KB
7 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 16:12:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E7EF 0
0 88ms
87ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWboOqB__JrwU1PI_M_hWXBHgXNKIK2jn3koHZyhLr-PYma4Kbl3-Gg_7JeJ6dGGhy07_YpFR0EYf9ZDfMFhmQhZ6L_g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&h=250&slotname=8643744899&adk=4247685595&adf=2077365685&pi=t.ma~as.8643744899&w=300&lmt=1663863309&psa=0&format=300x250&url=https%3A%2F%2Fwww.secretchina.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309078&bpp=2&bdt=846&idt=441&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4919006936931&frm=20&pv=1&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=832&ady=3983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JcYJJHeZW2&p=https%3A//www.secretchina.com&dtd=448
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7EF 140 KB
44 KB 202ms
201ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:15:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E7EF 0
0 153ms
153ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C00fWDYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOcBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZWzvhsCxPYe2tjPcMmv_ohDgWvyqwCetBeCDkFJzs3uSVq261DaBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMjc2NjQxNDM0NjUxMzYwGAA&sigh=2QFWcdsCIq4&uach_m=[UACH]&cid=CAQSKQCsnQUx7qfWqnrUpAMou8bVTarJ05xuLvn1vxlP2gZ2RBYW66xnpFB9GAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&h=250&slotname=8643744899&adk=4247685595&adf=2077365685&pi=t.ma~as.8643744899&w=300&lmt=1663863309&psa=0&format=300x250&url=https%3A%2F%2Fwww.secretchina.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309078&bpp=2&bdt=846&idt=441&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4919006936931&frm=20&pv=1&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=832&ady=3983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JcYJJHeZW2&p=https%3A//www.secretchina.com&dtd=448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 22 Sep 2022 16:15:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E7EF 0
0 159ms
116ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h7xwvtv1py3hxtx7b92es9egvzyzbfe4faqk1gw955a60tzy3abgbwrbtmh21t7bhapdsa4ts8x9gzrwy3ckvm5mv207pw97603fmcsf802nxcw5v15tq85wyha93xnzrkbe410v1qtxs6b4tqd0jnqbgm2xp9h2reshh7dr7sr12qf7a293dq18s2rqmdcchbkn2k9bepfwmam5bk4k32dnkwtq4vgmb3pcjt01k1vp7vjhe7n05zdfgvfe8nffppz34a52dmvsckvvh6jh0ch9mpjnv1dnbjf28tvcgaq3e61weszqh805smecmr9vevv53ewesmxgzhweypzndhpwfz8gtb864ds1jm0chd8qatrgarayy7yrrwwpjn0rmg2x8aqp2qbw1njcjqpe90&b=YyyKDQAKA2ECO8gnAAvRJ7TO-f6VMSeEgKXukA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&h=250&slotname=8643744899&adk=4247685595&adf=2077365685&pi=t.ma~as.8643744899&w=300&lmt=1663863309&psa=0&format=300x250&url=https%3A%2F%2Fwww.secretchina.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309078&bpp=2&bdt=846&idt=441&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4919006936931&frm=20&pv=1&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=832&ady=3983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JcYJJHeZW2&p=https%3A//www.secretchina.com&dtd=448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 38CD 2 KB
1 KB 56ms
43ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kph083wevzmw8x96t6bprv2jt8s98hdv0yasw1sxb6mrck2pqf76fvfcfqsdqbrz37cm6e4q579z0rxm7zymfft5mend32t9717aaajrm8jt3ptszswva2p5k99qsrxcqhxd3mdx38re6v053jv6b63h5qm4md1h2n6k3cb507zr9xz2h5sdhc7b2j2zj9xptksvzq455zyj5dpx4wac67he3mx60s0mzfc80c6vt878gbq1xds153dwjpp0hdgtqswghgt8mmbzce5apz1tbh06cr25c962mshyae6n1kbszqbeacd81y9dpjag5tbadz2j08amzdexyeg403hw4y8mr6qmv2x085200ktamp9x9stss1dcjq7p3mq4d50r2mm1pdcxgfsca7cs69j33ema6z7dztkyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%26client%3Dca-pub-1276641434651360%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a80508bf63af592a7c7c949686613cc9c1b448fa22e2b4ce8c695bf7a6bcaee6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec56777fb7bbcd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7FA5 1 KB
749 B 73ms
71ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame 8F29 220 KB
60 KB 169ms
53ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 8F29 14 KB
5 KB 261ms
145ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 8F29 94 KB
28 KB 167ms
52ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 8F29 5 KB
2 KB 258ms
143ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 8F29 40 KB
13 KB 231ms
116ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 255974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H3 200 zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8F29 3 KB
3 KB 138ms
39ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:01:49 GMT
x-content-type-options: nosniff
server: cafe
age: 69201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 12051390396603846657
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3217
x-xss-protection: 0
expires: Thu, 22 Sep 2022 21:01:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8F29 344 B
368 B 136ms
38ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:36:15 GMT
x-content-type-options: nosniff
server: cafe
age: 23935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 23 Sep 2022 09:36:15 GMT

GET
DATA 200
OK truncated
/ Frame 8F29 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20c10df6a16228d9258ba2a1eb43cb582df169e05b1ab0bbbaa97348602034a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 9851493550472167152
tpc.googlesyndication.com/simgad/ Frame 8F29 38 KB
38 KB 137ms
43ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9851493550472167152?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkMzOqy1rbpbFd0TZUAxNbdacm7oA

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de3e48d53dbda70907592005c1b2cde635d692ecdee8e4acdc96af21f2c59c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 11:08:46 GMT
x-content-type-options: nosniff
age: 18384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38911
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 16:34:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Sep 2023 11:08:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8F29 0
0 82ms
71ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaOyIOQ1aFo45Ii7m08g3_MUlj1ap4c8Qp3TcRVBrJulWq1g-J8E6caTy_v62qxlt8Fqx9TWLHH74T0dgYIx6wKENa6Q
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8F29 0
0 110ms
100ms Image
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiGM3DYosY669H5mt3wPAmaWAD97nu5RsmdPd_qEQiJT4h7MCEAEghLWYF2CV4pCCoAegAY2h05kDyAEC4AIAqAMByAMIqgSKAk_Q6om4S-P0-2BwhAFlU2sW2aFDeeVhpBsBlPAHS5yWU_7rJwdPf5y59ZPxbvb3MMZb2iBKWUiX5mU52WnIMGIF38wUAGcp-n5ZgkCRh2SIsEZGrkHXWN8bocdqugYLjK3PbldjVj30U-JGyelxrkOfmt8ZQYGnTnyAZLJP6VgQmmP4Zqalm7lLgGqdAhK20O73AagypPki2HpyFX4ouQ4F5bhBbeAONov3-e41mSmWOF5RUuDS9_7Zg449wHvM56C2TcrObVWSsMACVJRgIlbsmhcTFNzlDfJrVYDcgr54Z2JEJd3fbmaY6tYjvr8MRarpP3_SiQ0UmhpwFbieA65j9qQpsLwlInfHwASQqaT3lATgBAGSBQQIBBgBkgUECAUYBKAGAoAH296sZqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPjmCNIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB2BMN0BUBgBcBshceChwIABIUcHViLTEyNzY2NDE0MzQ2NTEzNjAY6qMa&sigh=1omsOkh9udA&uach_m=[UACH]
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame A958 85 KB
11 KB 53ms
31ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k18xfz2q6qky9x7phpjs314xay6barkah7ycbj4b2pk2yzr26dmfxecr4tw5qstbw1dxrsd2388ed6kw7f36yetxgb4kt8f01mfqs98sqjvq05fcpjtp143d22x4rkzrqmjgkpk9v54eyn396c3ewnnbfh2dn30g3ccf7x7b31kg9bgvnhmzv4bp5mkcya3snjf0rnwkj4m6g62g2zkf2qf00bpfj5x03z0x4n5y3qph5skc33f57y0wjr5zq88nbn29qch4gez1p3b3k9ym4hr4a0jbqway3keg353rf8ypb3zhxay33st3zhbg8sfycgdqmbntd3tmv2q65c5ej1scd301ch8h0xcs2k73sdm41871t7ypa8bhy53393e4hq8ypnk2zs0786kcb9sfs69eqnh94p1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%26client%3Dca-pub-1276641434651360%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k18xfz2q6qky9x7phpjs314xay6barkah7ycbj4b2pk2yzr26dmfxecr4tw5qstbw1dxrsd2388ed6kw7f36yetxgb4kt8f01mfqs98sqjvq05fcpjtp143d22x4rkzrqmjgkpk9v54eyn396c3ewnnbfh2dn30g3ccf7x7b31kg9bgvnhmzv4bp5mkcya3snjf0rnwkj4m6g62g2zkf2qf00bpfj5x03z0x4n5y3qph5skc33f57y0wjr5zq88nbn29qch4gez1p3b3k9ym4hr4a0jbqway3keg353rf8ypb3zhxay33st3zhbg8sfycgdqmbntd3tmv2q65c5ej1scd301ch8h0xcs2k73sdm41871t7ypa8bhy53393e4hq8ypnk2zs0786kcb9sfs69eqnh94p1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%26client%3Dca-pub-1276641434651360%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871074
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec56786f839bb0-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame A958 36 KB
12 KB 61ms
33ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k18xfz2q6qky9x7phpjs314xay6barkah7ycbj4b2pk2yzr26dmfxecr4tw5qstbw1dxrsd2388ed6kw7f36yetxgb4kt8f01mfqs98sqjvq05fcpjtp143d22x4rkzrqmjgkpk9v54eyn396c3ewnnbfh2dn30g3ccf7x7b31kg9bgvnhmzv4bp5mkcya3snjf0rnwkj4m6g62g2zkf2qf00bpfj5x03z0x4n5y3qph5skc33f57y0wjr5zq88nbn29qch4gez1p3b3k9ym4hr4a0jbqway3keg353rf8ypb3zhxay33st3zhbg8sfycgdqmbntd3tmv2q65c5ej1scd301ch8h0xcs2k73sdm41871t7ypa8bhy53393e4hq8ypnk2zs0786kcb9sfs69eqnh94p1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%26client%3Dca-pub-1276641434651360%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192889
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEH4rkH%2FCnfOKTMENvNvpAufduLS%2Bg7YsYS0KZiUEarDG6nTa%2FJeQ8y7v9YVzkQMecgB3o8IGyeSiCtt598uvhbwjNBJEGqm%2B%2FabLWcpwRa3xc0gg52tHsAOxTnM6Ak0I7Buky0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
expires: Wed, 14 Sep 2022 13:04:27 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 74ec567879ccbbcd-FRA
cf-bgj: minify

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 38CD 85 KB
11 KB 56ms
37ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kph083wevzmw8x96t6bprv2jt8s98hdv0yasw1sxb6mrck2pqf76fvfcfqsdqbrz37cm6e4q579z0rxm7zymfft5mend32t9717aaajrm8jt3ptszswva2p5k99qsrxcqhxd3mdx38re6v053jv6b63h5qm4md1h2n6k3cb507zr9xz2h5sdhc7b2j2zj9xptksvzq455zyj5dpx4wac67he3mx60s0mzfc80c6vt878gbq1xds153dwjpp0hdgtqswghgt8mmbzce5apz1tbh06cr25c962mshyae6n1kbszqbeacd81y9dpjag5tbadz2j08amzdexyeg403hw4y8mr6qmv2x085200ktamp9x9stss1dcjq7p3mq4d50r2mm1pdcxgfsca7cs69j33ema6z7dztkyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%26client%3Dca-pub-1276641434651360%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kph083wevzmw8x96t6bprv2jt8s98hdv0yasw1sxb6mrck2pqf76fvfcfqsdqbrz37cm6e4q579z0rxm7zymfft5mend32t9717aaajrm8jt3ptszswva2p5k99qsrxcqhxd3mdx38re6v053jv6b63h5qm4md1h2n6k3cb507zr9xz2h5sdhc7b2j2zj9xptksvzq455zyj5dpx4wac67he3mx60s0mzfc80c6vt878gbq1xds153dwjpp0hdgtqswghgt8mmbzce5apz1tbh06cr25c962mshyae6n1kbszqbeacd81y9dpjag5tbadz2j08amzdexyeg403hw4y8mr6qmv2x085200ktamp9x9stss1dcjq7p3mq4d50r2mm1pdcxgfsca7cs69j33ema6z7dztkyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%26client%3Dca-pub-1276641434651360%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871074
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec56786f869bb0-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 38CD 36 KB
13 KB 58ms
32ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kph083wevzmw8x96t6bprv2jt8s98hdv0yasw1sxb6mrck2pqf76fvfcfqsdqbrz37cm6e4q579z0rxm7zymfft5mend32t9717aaajrm8jt3ptszswva2p5k99qsrxcqhxd3mdx38re6v053jv6b63h5qm4md1h2n6k3cb507zr9xz2h5sdhc7b2j2zj9xptksvzq455zyj5dpx4wac67he3mx60s0mzfc80c6vt878gbq1xds153dwjpp0hdgtqswghgt8mmbzce5apz1tbh06cr25c962mshyae6n1kbszqbeacd81y9dpjag5tbadz2j08amzdexyeg403hw4y8mr6qmv2x085200ktamp9x9stss1dcjq7p3mq4d50r2mm1pdcxgfsca7cs69j33ema6z7dztkyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%26client%3Dca-pub-1276641434651360%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192889
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gosa4Wno0pT8GMmnapbuW%2F7q6Q8Vukwj7RFIJBEzgGSQn9GNlTdUSW3Rp30aYtEFjyIPTRgra1yNYiBimQfJxQfNU0rFx%2BNS3gjYShemU5CFtcLUWmVOX5GwVyv3FzZLysQq8Hw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
expires: Wed, 14 Sep 2022 13:04:27 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 74ec567879cbbbcd-FRA
cf-bgj: minify

GET
H2 200 dpixel
cms.quantserve.com/ Frame C879 35 B
462 B 62ms
9ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENcOUr4LwOxdTNBijwfquk4&google_cver=1&google_push=AZmPxg8Iip2qdxuE_Dt8QVawuSTzCtp9n-7U0g1K3ymmLvXGQPsa5CACj9g6VE9chVcXMEhWt-f4bnTgoHF2MYCYP2t9ZBf1EUg

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C879 43 B
106 B 154ms
21ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGMdUMOrAgLVE8XdedUSNLc&google_push=AZmPxg8XzDTWGXbrwL0sKotOIz3PnRSMUTborA5OWRueChNTQq1E0utaSSF1CjSCon6HneTjpV1ns3fMKmESR0I9WtE3nGCqNNvh&google_cver=1
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C879 43 B
350 B 149ms
43ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJV_2qvgj3VWiCg19PoFVlg&google_cver=1&google_push=AZmPxg_HWSwYeDJHkViGXPYPseIC38JULbsvTx0Ps-5D96C0bvnVsy3wNP62ikyQytA5tOewS0G9TQGOityTTtti7_fWmZ47-HLK
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:09 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: smbubqnach1c6drkl0adcid2kmjluor1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C879 0
166 B 597ms
15ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPXOVpn_1XzwFB0-GSJtBUw&google_cver=1&google_push=AZmPxg_c9fUAuEgcWGeBR9Fa73f2H6iCyhL4XTKGHlVPOJoA1vGTwV-kVYlr4GI9Egz84h7t6InHJzZ24iDStTfGzL4Zv4-J8b3Z
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C879
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDkp7yMdcaatrXw5YZ87YUk&google_cver=1&google_push=AZmPxg9mnQJJ2rKzGBWR6c-ztPnfhpqTU1z14o8Pcc0nnuT5SDRNRg0WwyGw8cbFL7qkkI2hLCL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk2UjQtUS1GMERU&google_push=AZmPxg9mnQJJ2rKzGBWR6c-ztPnfhpqTU1z14o8Pcc0nnuT5SDRNRg0WwyGw8cbFL7qkkI2hLCLp7VGiQl9VRYrXuBTq_v8x52c

170 B
232 B

187ms
49ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk2UjQtUS1GMERU&google_push=AZmPxg9mnQJJ2rKzGBWR6c-ztPnfhpqTU1z14o8Pcc0nnuT5SDRNRg0WwyGw8cbFL7qkkI2hLCLp7VGiQl9VRYrXuBTq_v8x52c

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk2UjQtUS1GMERU&google_push=AZmPxg9mnQJJ2rKzGBWR6c-ztPnfhpqTU1z14o8Pcc0nnuT5SDRNRg0WwyGw8cbFL7qkkI2hLCLp7VGiQl9VRYrXuBTq_v8x52c
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C879
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHxOQkhyZmXHREglKrkut1I&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHxOQkhyZmXHREglKrkut1I&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHxOQkhyZmXHREglKrkut1I&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-itqxRXXpvQDTXvuHUP6RpY4ijqinxa...

170 B
188 B

136ms
53ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHxOQkhyZmXHREglKrkut1I&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-itqxRXXpvQDTXvuHUP6RpY4ijqinxae8TDGchw-w1XD_QokrVX2-lZw_dvtREcPIcUJhmaM2pJWJuW9bLIl4YxIw6EFQS

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBVeFkoQoIwwyxwI0vqW62IlAL68RhO6NckQaoJU2OYRlBzO9%2FCmqEP1rxloQTLZ5Nvat8vPXz%2B1A%2BQAUeonge0CHYEHdim8RcDGxhGnN8K6KXg0bwIhXArYVfEGK%2BmPqVAyyASsu%2BdXUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHxOQkhyZmXHREglKrkut1I&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-itqxRXXpvQDTXvuHUP6RpY4ijqinxae8TDGchw-w1XD_QokrVX2-lZw_dvtREcPIcUJhmaM2pJWJuW9bLIl4YxIw6EFQS
cache-control: no-cache
cf-ray: 74ec567a29e59b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame C879 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C879 0
40 B 339ms
47ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQn1V8owoN1e_aEZlVFAPXH8nfq-SiVkTvOIu_79L6ScBtn7hWsJZ-CCjVyXOUCnk3reGnHQ

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame E7EF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae242a93977473858caf65fefaa05deb7b88b2a53bf52021b0ee1861c385795e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E6B3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8167b3275adf51614740ced2eaac6a5f961c66a49c0dae19680009500b61b1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6733 0
0 99ms
93ms Fetch
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5cIdDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C4vipxaGFykUZjsMm2V-QtUc3W-J1QpZWncTVICjkd0xHuGYSVWN-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMjc2NjQxNDM0NjUxMzYwGOqjGg&sigh=vNtcyzrNR7s&uach_m=[UACH]&cid=CAQSOwCsnQUxU5UfpDkSoQf8wArgIGXluQ5TMOD7qd_B6Gb2L-i56EgE9yi_o9zx6TZSaLc1WULjsuDvtegYGAE
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 6733 0
0 117ms
46ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kcyj1nw45y6w60cbc6cvkwjwd22qz8h5xrgg3s482t52d34w1h81njjscg2e3gk54pw154mz1d0b9av5cq11yb8ahb0n9ccxg5tzkhk548yaaqt1pntebb9gbznmkf7b6r1nst2qgyhzp1vx45y2ffk8srksb2gqkkabswwvtqcy3bq0magryapstep7a80mvrdp95h00aqymd65qvdc23cx1j6ksb1r5bnk20a4ak791q2gnkdt13skt778m7krjyj5e6tgccq04w1stak50ygq5aenwm6cx5nkfg24yezvthp9t6j50kcqgjg7ccs1g5p54n38nb7qt5n0vq62qkr3tnk9wxb690r3yvvjgkdh9rmj5wf8t9fwpw7mjkkj0gpmsqkn85s52d2f76py9r&b=YyyKDQAH2ugKd5FRAAfkVLqRxs8qK5EjyCKJxg
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 54B9 2 KB
2 KB 33ms
27ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1je9vfr3hk2n943dhw7v4rc98mmfb2srxd27avm7qmvypjf5mns5kd7zm69gsv1a910j54mv0smfbxfqdvbzrr132647ng12n8yv52k4d6smvc17d606qggwqrf5qg5r7a9nfa9zj786jv3n3w0sghn5hmcv63thazt0qj6r080hch6rjvc1mkbaezpvfc2mc78swee4gmag1yz84vxd6bt64cj7er9yzw2vhtevh22j6pjsvv0sym51byb0fzpx2px7hfm54jfz3bdewg4gcg8y9ht5hynn3q2rnaw2tjwzhvenb661bwtr4rhqwpsy2maxynfmkmqx77kb6229h8v74g7cx6waebqph8vfk9tcyj6282av3wxtg87s97mng9dzytmj85dzxnpm12jf84tg3061bnmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%26client%3Dca-pub-1276641434651360%26adurl%3D

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

952cd46d81b99b263cb2d0fbe2316e64d330cfbba54e1d599508087ab25b8547

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec56789ff79bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 6733 3 KB
1 KB 75ms
69ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:52:56 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7A91 1 KB
749 B 52ms
47ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 6733 17 KB
7 KB 58ms
52ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:28:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6733 0
0 84ms
79ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSE9x9DUSRnvNWQLFgaUrB9yp691JkjY94qfURErdvlNlpw2ySO9uTJsRWXees5SvG4uZHpdruJlRlkBq5EhMgZFXI5tg
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6733 22 KB
7 KB 65ms
59ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 07:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 07:13:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6733 140 KB
44 KB 104ms
97ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:15:10 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7FA5
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAMOygEeJS_5SDV8Bkfnktc&google_cver=1&google_push=AZmPxg_Z5KbgwLeI6ENdwBdjp5cPNEH5UL9eaL9tF_oh2RSlWMQsmt58MX...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_Z5KbgwLeI6ENdwBdjp5cPNEH5UL9eaL9tF_oh2RSlWMQsmt58MXwmg1ecUqchewyoWCKcSBNLvx0M_QhelVZTT5O4RrE&google_hm=he2TnCE9fC4_H...

170 B
232 B

126ms
48ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_Z5KbgwLeI6ENdwBdjp5cPNEH5UL9eaL9tF_oh2RSlWMQsmt58MXwmg1ecUqchewyoWCKcSBNLvx0M_QhelVZTT5O4RrE&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_Z5KbgwLeI6ENdwBdjp5cPNEH5UL9eaL9tF_oh2RSlWMQsmt58MXwmg1ecUqchewyoWCKcSBNLvx0M_QhelVZTT5O4RrE&google_hm=he2TnCE9fC4_Hy5y3Tqvmw
pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FA5
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8W03Gf...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8W03Gf...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDA4NjY5NjA5NzI2MA%3D%3D&google_push=AZmPxg8W03Gf_Y2OQ3hRbk0xvUXJk0EjnwAavt6GU581znyRznbIftk2qW-Yer7NCxFkIA...

170 B
188 B

69ms
65ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDA4NjY5NjA5NzI2MA%3D%3D&google_push=AZmPxg8W03Gf_Y2OQ3hRbk0xvUXJk0EjnwAavt6GU581znyRznbIftk2qW-Yer7NCxFkIAuSWgFV-6telJG_hz0CyVJYBOglHqM

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDA4NjY5NjA5NzI2MA%3D%3D&google_push=AZmPxg8W03Gf_Y2OQ3hRbk0xvUXJk0EjnwAavt6GU581znyRznbIftk2qW-Yer7NCxFkIAuSWgFV-6telJG_hz0CyVJYBOglHqM
pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 22 Sep 2022 16:15:11 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 7FA5 43 B
356 B 34ms
18ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELJ1nwyDAdMn1TcjTRIIto8&google_push=AZmPxg9cOsDw-vzlR_hmmEA-2w-nB62rjtGjQcB1k8a1WWBdLPrtKhhqIowl6dtjXwjv8clLpckfd8o0ijPuh9-geqGBNS7fYg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&h=250&slotname=8643744899&adk=4247685595&adf=2077365685&pi=t.ma~as.8643744899&w=300&lmt=1663863309&psa=0&format=300x250&url=https%3A%2F%2Fwww.secretchina.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309078&bpp=2&bdt=846&idt=441&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4919006936931&frm=20&pv=1&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=832&ady=3983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JcYJJHeZW2&p=https%3A//www.secretchina.com&dtd=448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 7FA5 43 B
134 B 54ms
42ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHzxlGwK654mAc7tRIgaaN4&google_cver=1&google_push=AZmPxg_V4Gn_Q3tS1_np5tpGq2IfEdTZJYWJAsDv8f-3rUm9xopg0bMyxb--nV1lnPo088Lwyk5bvyl5qGcOxMM7l-nqZ1crdZQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&h=250&slotname=8643744899&adk=4247685595&adf=2077365685&pi=t.ma~as.8643744899&w=300&lmt=1663863309&psa=0&format=300x250&url=https%3A%2F%2Fwww.secretchina.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309078&bpp=2&bdt=846&idt=441&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4919006936931&frm=20&pv=1&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=832&ady=3983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JcYJJHeZW2&p=https%3A//www.secretchina.com&dtd=448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: lovci28kq6cp7s36i3m601dbr59mpe17

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 7FA5 0
41 B 476ms
15ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBiAvl0BI5zoPLUmV5gOs7I&google_cver=1&google_push=AZmPxg_yMDVwSVhxItz4_v16WNnL1YxjHEjYA6PQKT1JGlNf9sCsRgE6eq51KW0zIwj5hrKFQh8xFniqtIXz8iHBUEJQsXa3R4g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1276641434651360&output=html&h=250&slotname=8643744899&adk=4247685595&adf=2077365685&pi=t.ma~as.8643744899&w=300&lmt=1663863309&psa=0&format=300x250&url=https%3A%2F%2Fwww.secretchina.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663863309078&bpp=2&bdt=846&idt=441&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4919006936931&frm=20&pv=1&ga_vid=1254467972.1663863309&ga_sid=1663863309&ga_hid=40775171&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=832&ady=3983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44771548%2C21066434%2C31062931&oid=2&pvsid=1944477135176017&tmod=126481747&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JcYJJHeZW2&p=https%3A//www.secretchina.com&dtd=448
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7FA5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECIGsexYgy0sK_0czo2pZzk&google_cver=1&google_push=AZmPxg_BWi-upForYM-6qqtOG76d3POtna0Be9OS7BvyDWl9nvZ5xeCPWG6Be4nHYwBEvWgJkMi...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk2VTAtNy1LVzRV&google_push=AZmPxg_BWi-upForYM-6qqtOG76d3POtna0Be9OS7BvyDWl9nvZ5xeCPWG6Be4nHYwBEvWgJkMia5eQBPehh6X9gLbOjbwyTvQ

170 B
329 B

114ms
48ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk2VTAtNy1LVzRV&google_push=AZmPxg_BWi-upForYM-6qqtOG76d3POtna0Be9OS7BvyDWl9nvZ5xeCPWG6Be4nHYwBEvWgJkMia5eQBPehh6X9gLbOjbwyTvQ

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk2VTAtNy1LVzRV&google_push=AZmPxg_BWi-upForYM-6qqtOG76d3POtna0Be9OS7BvyDWl9nvZ5xeCPWG6Be4nHYwBEvWgJkMia5eQBPehh6X9gLbOjbwyTvQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FA5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDYT7m_OQe6cZiGDNlXky4c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDYT7m_OQe6cZiGDNlXky4c&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg_QA7EFb8HoV9EAG519KFud6Yz-kfzYJ...

170 B
188 B

84ms
77ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDYT7m_OQe6cZiGDNlXky4c&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg_QA7EFb8HoV9EAG519KFud6Yz-kfzYJhbsZw1gqkqqFM8tTjkPlFkkiDeZmCVD_XP85wIN1Q4SdgBg154BwpkLqZUat0s

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ki4KTsIeL6Fkng89S%2FXQsmtPlBuvgFhcaCJQKDNjSDrnf9YnLkdyHc2z668ma4n1o1qYPr4I7BktnSNNC7ofNDmGc8obMC8PMKHPw06WqPAQLUa2iqtCHQoBCFCtRSG3n7fqWVv6XiyCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDYT7m_OQe6cZiGDNlXky4c&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg_QA7EFb8HoV9EAG519KFud6Yz-kfzYJhbsZw1gqkqqFM8tTjkPlFkkiDeZmCVD_XP85wIN1Q4SdgBg154BwpkLqZUat0s
cache-control: no-cache
cf-ray: 74ec567a29e09b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7FA5 0
223 B 219ms
47ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JplAJrSWrwsUaINp_80c6Q1sCx-ouQb0y-z4KUOhX8dK_RQFKis20e7SyDBWIZdbAxo3P3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 149 KB
53 KB 107ms
97ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de3b6f1ff5b8b679e0e54d395a0550c598f92a72c6c800d3f4cc8197a9e72d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54572
x-xss-protection: 0
server: cafe
etag: 466377793310845801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 16:15:10 GMT

GET
H3 200 container.html Show response
82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD7C 6 KB
3 KB 179ms
47ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:09 GMT
expires: Fri, 22 Sep 2023 16:15:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 85B9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

102ms
101ms

Image
text/html

2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date: Thu, 22 Sep 2022 16:15:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1CF5 6 KB
3 KB 57ms
49ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:09 GMT
expires: Fri, 22 Sep 2023 16:15:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 38CD 3 KB
4 KB 95ms
41ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20767592
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDaNdPxFd5ub%2B8DVmy73wyg8HW1eDUXMzk60Ffhz2r4vTpAFjK9SBIzXeJ1udvCYRqQ7nZZ96wNQNXaVG%2FMyLAJnCoRnIvv%2FPmzmFXRahuCW9yfUEjbweOTTO2zPG3hwk2YxhaLLISOgMdSNLr3IHcrJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 74ec567a89059079-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A958 3 KB
3 KB 105ms
52ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20767592
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jfayeijlfRwU9BRCwoYo38u7NztQuPubxvsL1duXgqjnRtxLKak9oTBvp%2BFCVL2oECaRL7Bzke0IT4M36j3nWK7N9Mafye5ngoVX9OwRCNG4GUY%2FM6oYuC4fb46uBrxpRePrZNB3aNDnfHCd2lUQTet"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 74ec567a89079079-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 54B9 85 KB
11 KB 33ms
32ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1je9vfr3hk2n943dhw7v4rc98mmfb2srxd27avm7qmvypjf5mns5kd7zm69gsv1a910j54mv0smfbxfqdvbzrr132647ng12n8yv52k4d6smvc17d606qggwqrf5qg5r7a9nfa9zj786jv3n3w0sghn5hmcv63thazt0qj6r080hch6rjvc1mkbaezpvfc2mc78swee4gmag1yz84vxd6bt64cj7er9yzw2vhtevh22j6pjsvv0sym51byb0fzpx2px7hfm54jfz3bdewg4gcg8y9ht5hynn3q2rnaw2tjwzhvenb661bwtr4rhqwpsy2maxynfmkmqx77kb6229h8v74g7cx6waebqph8vfk9tcyj6282av3wxtg87s97mng9dzytmj85dzxnpm12jf84tg3061bnmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%26client%3Dca-pub-1276641434651360%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1je9vfr3hk2n943dhw7v4rc98mmfb2srxd27avm7qmvypjf5mns5kd7zm69gsv1a910j54mv0smfbxfqdvbzrr132647ng12n8yv52k4d6smvc17d606qggwqrf5qg5r7a9nfa9zj786jv3n3w0sghn5hmcv63thazt0qj6r080hch6rjvc1mkbaezpvfc2mc78swee4gmag1yz84vxd6bt64cj7er9yzw2vhtevh22j6pjsvv0sym51byb0fzpx2px7hfm54jfz3bdewg4gcg8y9ht5hynn3q2rnaw2tjwzhvenb661bwtr4rhqwpsy2maxynfmkmqx77kb6229h8v74g7cx6waebqph8vfk9tcyj6282av3wxtg87s97mng9dzytmj85dzxnpm12jf84tg3061bnmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%26client%3Dca-pub-1276641434651360%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871074
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec567a3b559bb0-FRA
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 54B9 36 KB
13 KB 43ms
43ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1je9vfr3hk2n943dhw7v4rc98mmfb2srxd27avm7qmvypjf5mns5kd7zm69gsv1a910j54mv0smfbxfqdvbzrr132647ng12n8yv52k4d6smvc17d606qggwqrf5qg5r7a9nfa9zj786jv3n3w0sghn5hmcv63thazt0qj6r080hch6rjvc1mkbaezpvfc2mc78swee4gmag1yz84vxd6bt64cj7er9yzw2vhtevh22j6pjsvv0sym51byb0fzpx2px7hfm54jfz3bdewg4gcg8y9ht5hynn3q2rnaw2tjwzhvenb661bwtr4rhqwpsy2maxynfmkmqx77kb6229h8v74g7cx6waebqph8vfk9tcyj6282av3wxtg87s97mng9dzytmj85dzxnpm12jf84tg3061bnmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%26client%3Dca-pub-1276641434651360%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192889
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP%2Fl1WzJHgdF%2FZlVccC7%2Fr%2F0Oj%2B7TK25W05Pp6Cks4Pt0MTez089Q%2BvO7XdXU6HvELG72Lzs5OilATEqo%2FhIGQ9%2F0inZ4CHOgTpYrCXzrpAyfMxzr2GTsN4sXgb7ud1wZOAaj7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 74ec567a3b579bb0-FRA
expires: Wed, 14 Sep 2022 13:04:27 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8F29
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

117ms
115ms

Image
text/html

2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date: Thu, 22 Sep 2022 16:15:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6733 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29bb765f4277c81b96213b3915a0bc7b7fa8489dc9d02a1c67854de2db8144e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 0CAC 2 KB
1 KB 41ms
40ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2405399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 74ec567a9c119bb0-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FYMJXl2yI84KI6STC5%2B0eDDkQZMCzGlCBOe2eRW8gPoRaFpQpcrsfwgTE02BRZzmZzgb5l0CFstHL4A8lyiIKH1CeDW4K9AEj3v0yR3uiW7A1L1N2rBhK70UN2FNJ%2BmluFAsrk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame F5EC 2 KB
1 KB 35ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2405399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 74ec567a9c159bb0-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uq4%2BtVOF9fPYnbLvEWHyAYY6dfKzHUBdgS9gb0Vnp%2BWFmKTcdbtBK0SzNR7A5dxsAQ49TDjDs%2BOr6MbsW2sFdrcMF9Thg%2B3IyjtCI3XAj%2B2hHjLdcakCF%2BP110Fe0SMShRxkNVI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 189ms
74ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.secretchina.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 183ms
70ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.secretchina.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/ Frame E01C 10 KB
4 KB 51ms
51ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 05:40:49 GMT
etag: 9671129459699598864
expires: Thu, 06 Oct 2022 05:40:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/ Frame 36C1 10 KB
4 KB 48ms
48ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 05:40:49 GMT
etag: 9671129459699598864
expires: Thu, 06 Oct 2022 05:40:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7A91 0
104 B 145ms
27ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKnGc-yFfIUl1QaAa08cQQo&google_cver=1&google_push=AZmPxg8HwRDyEZgv8YsFRqX6p37sv23sn5f3QEHoYQkUx8n3aZnPw-hBdiJwm127wh9rN6vhYli_CVTTcdB3vVQ5--okdrjp6oyy6w
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A91
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEM4WHv5IdwBQleU3ndp60hY&google_cver=1&google_push=AZmPxg_x_rK56Asetvrm36Mgh3DjApMXAnDmWSLrQZpq12OCS7Q5qB1QLJX7gtOWXRqmY2_wgY8A6bcGu5i8r-fIJ6ZLDY7uDaI4fd8
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D31F31B4462D4913BE88CADC94B18DF1&google_push=AZmPxg_x_rK56Asetvrm36Mgh3DjApMXAnDmWSLrQZpq12OCS7Q5qB1QLJX7gtOWXRqmY2_wgY8A6bcGu5i8r-f...

170 B
188 B

56ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D31F31B4462D4913BE88CADC94B18DF1&google_push=AZmPxg_x_rK56Asetvrm36Mgh3DjApMXAnDmWSLrQZpq12OCS7Q5qB1QLJX7gtOWXRqmY2_wgY8A6bcGu5i8r-fIJ6ZLDY7uDaI4fd8

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 22 Sep 2022 16:15:10 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D31F31B4462D4913BE88CADC94B18DF1&google_push=AZmPxg_x_rK56Asetvrm36Mgh3DjApMXAnDmWSLrQZpq12OCS7Q5qB1QLJX7gtOWXRqmY2_wgY8A6bcGu5i8r-fIJ6ZLDY7uDaI4fd8
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 21 Sep 2022 16:15:10 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7A91 70 B
265 B 121ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH8AIFrkpOLPlbdjjjsBpTE&google_cver=1&google_push=AZmPxg9EJ1OeZadnMcpVaDNDu3ZRinWz0uYROHk93pVcRAyVRLD9yQGj5h1urWkWEhieAczmwY3-FiPUgHwYH4J9bRozMON5DlgdFg
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A91
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA9Tbgxh8K_DaYNPTzH4bkk&google_cver=1&google_push=AZmPxg8qWMXwiUTerBRZai_XpzbxCv5ZlTA6acFOl4sqg_UPD-xcl387X2DvjZpjTIqNfT3b0vrnVHYPjkP...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8qWMXwiUTerBRZai_XpzbxCv5ZlTA6acFOl4sqg_UPD-xcl387X2DvjZpjTIqNfT3b0vrnVHYPjkPNkEPGw9Jv0vlCR3Hvfpc&google_hm=wJdlXjrMTsmSx8PnQ...

170 B
188 B

61ms
55ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8qWMXwiUTerBRZai_XpzbxCv5ZlTA6acFOl4sqg_UPD-xcl387X2DvjZpjTIqNfT3b0vrnVHYPjkPNkEPGw9Jv0vlCR3Hvfpc&google_hm=wJdlXjrMTsmSx8PnQSXR9aU

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg8qWMXwiUTerBRZai_XpzbxCv5ZlTA6acFOl4sqg_UPD-xcl387X2DvjZpjTIqNfT3b0vrnVHYPjkPNkEPGw9Jv0vlCR3Hvfpc&google_hm=wJdlXjrMTsmSx8PnQSXR9aU
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 7A91 0
173 B 107ms
19ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENeULiTMR5wTdunh3aXZivc&google_cver=1&google_push=AZmPxg9Y7kuKZeh4k_ElWLgMWPf-1MUySNzA09fyE0SZMb4c4u7jVJWOC1vo3mJf5jUEZOUcfBw1P3TDGIr0Y8E2hbzDBiGkC9GCGuA
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A91
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHkVMr-xzDySk8l-c4IDyC8&google_cver=1&google_push=AZmPxg_EkuZEw1z9dDIoarMJS1c7FY3oYfG_HAWW3s5Z5_u-opPpXUeG0wGvmSXPjh-oipUjtT-z3BtdXzVQr4uQ...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_EkuZEw1z9dDIoarMJS1c7FY3oYfG_HAWW3s5Z5_u-opPpXUeG0wGvmSXPjh-oipUjtT-z3BtdXzVQr4uQ4ZgdGhZ33Bcp1gs

170 B
188 B

53ms
49ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_EkuZEw1z9dDIoarMJS1c7FY3oYfG_HAWW3s5Z5_u-opPpXUeG0wGvmSXPjh-oipUjtT-z3BtdXzVQr4uQ4ZgdGhZ33Bcp1gs

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_EkuZEw1z9dDIoarMJS1c7FY3oYfG_HAWW3s5Z5_u-opPpXUeG0wGvmSXPjh-oipUjtT-z3BtdXzVQr4uQ4ZgdGhZ33Bcp1gs
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: JH1VS6ttH7c7nzhd1Cka6kjpEz-YLCSLkBzCtFI1GuPN_fGfgfSBDQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A91
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF4LfMkc3yG_eBETmjyGUNw&google_cver=1&google_push=AZmPxg_Gwhg93t1UFzTqCvMSddqJSNe1klGz87ADq-ldDavmjCYz9aSkT1RcSrpmowhXhgq2wq2c1kd-yDfKtjn8dj3RNxCCiQ...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_Gwhg93t1UFzTqCvMSddqJSNe1klGz87ADq-ldDavmjCYz9aSkT1RcSrpmowhXhgq2wq2c1kd-yDfKtjn8dj3RNxCCiQC...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzcyMTQ3NDA5NTQ4NTc4OTI0Mzg4&google_push=AZmPxg_Gwhg93t1UFzTqCvMSddqJSNe1klGz87ADq-ldDavmjCYz9aSkT1RcSrpm...

170 B
188 B

53ms
51ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzcyMTQ3NDA5NTQ4NTc4OTI0Mzg4&google_push=AZmPxg_Gwhg93t1UFzTqCvMSddqJSNe1klGz87ADq-ldDavmjCYz9aSkT1RcSrpmowhXhgq2wq2c1kd-yDfKtjn8dj3RNxCCiQCjzw

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzcyMTQ3NDA5NTQ4NTc4OTI0Mzg4&google_push=AZmPxg_Gwhg93t1UFzTqCvMSddqJSNe1klGz87ADq-ldDavmjCYz9aSkT1RcSrpmowhXhgq2wq2c1kd-yDfKtjn8dj3RNxCCiQCjzw
date: Thu, 22 Sep 2022 16:15:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7A91 0
12 B 50ms
48ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jeu1bF0TmEs8cXMQ7dw34FdCFGUxnkZuk1H49DarT32z1ypRoKVU20GeoINOXWeIH8iJHN

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 container.html Show response
82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD7D 6 KB
3 KB 61ms
56ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:09 GMT
expires: Fri, 22 Sep 2023 16:15:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DD7C 0
0 93ms
92ms Fetch
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXSOIDYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEjQJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZLQxIYO-aORVd6MwDR5EhS1KLbjbPplOZvVK6XPNnFLKNFXxT_tdOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMjc2NjQxNDM0NjUxMzYwGOqjGg&sigh=ai4X0CSseHw&uach_m=[UACH]&cid=CAQSPACsnQUxbJYzfkFdidkhZXpyqaRLUKc1fzxOdcHx5KuPxXQd2Tzds5hwixapPbHRJmZpuMPT5-FzuYqGxRgB
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame DD7C 0
0 52ms
51ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h75xv629354nngh8akmez1tfvw3bv1mfa3nby8r3t878dyf4c5a08smnvr8gmy25me6tzwpzw85nxcz6jygwmvw0fn80w6ec6y9tjp273yk3e60nm7y31f91xmy6mw8vgavyp3ccrpks10zkjabwxv8cxxjjjk9srdkzjq64g7xbweeh8q2yq6zfvnn3jtzyhmqk5ns83e88w1jpt7722brzha0vp8cdcvxa60t0d02c9fcfxr7xjeq8j9vyyk8sxmea211a0qgkjny3jfz0jdpa6f77czdk585n66g8g72y2e9e1hkkapdrwf9k9ht19amthhmtn8nkp8zq7kgq91g3s552p5nqehmgkh2p7p5nr7txnnher7vtyc0mhmsedcgyd0fd0b4ret9ecnay1r&b=YyyKDQAL2fIKixTSAA79MIbe5tM-v28_ffPXDg
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame CF93 2 KB
2 KB 52ms
29ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kjtg790vfj0tv3860ntyzxsmzjfqsvf2pft7f6wf0jxqnpymscwh958hp37kxdektj3ecn3t7pndbg6tmc3z048xyms8xhmqjmdncwpmcd6agcwb41djnstpjk225stkw03pdfq9mass3ct81dk436b0qnsd2v5kwea1vd9hd2q7wb6pqhzyr9jjhbq1vkv7kx45r4bj84vx7c7f3tktvs289ryfysk4w3wp467ek9zem5vt4tc8yje9tskn1t576ckz5afpq14yjmeym2vttxw1rz78n0jk6hcf9nyrmf4rnzd3g27zr27zgrvkqrqhk6c3vpr0cyffj5qdy72ffmbskkdzvhtzav1zcxy56pbb1bg8kzzh0f61hswpymkb1jp7fan7ps8v0d7t3g88a7ysyya2444&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%26client%3Dca-pub-1276641434651360%26adurl%3D

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

651ac4f16a5ffc3729754a695afb26d4909b0d75a8a3a08d4e5e4ebd356fa510

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec567bae3d9bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame DD7C 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:52:56 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E21D 1 KB
749 B 65ms
47ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame DD7C 17 KB
7 KB 67ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:28:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DD7C 0
0 98ms
75ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjppoOGJgVwx2Ajtbr0aBPxy81uj-ncYmwbTRW1hjwefv2kIBtmisfcp8F9Ojxpgv5QUgisJMSFvNst8T9bKDL8Lw0Hg
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DD7C 22 KB
7 KB 68ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 07:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 07:13:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD7C 140 KB
44 KB 259ms
240ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:15:10 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1CF5 0
0 105ms
92ms Fetch
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFSRrDoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEjgJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7Gawy2wgrYj8vHKIHkOYe-fZylmGyVK7P4AfbBwOgzjuBHM6H1i1QoafgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTI3NjY0MTQzNDY1MTM2MBjqoxo&sigh=qPOCPQuc1uM&uach_m=[UACH]&cid=CAQSOwCsnQUxZQ_9m86Cy3LLBFuamD_9JmwjLCAg8IpnhN1tIaBPd-KgpOipgj_JpW-3nF3yF7X0PNGDDVtUGAE
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 1CF5 0
0 104ms
91ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jnd5112rs22nrsx7th8dcag4m17grsqz8qsv176fhpf17qzsxrrcn3gn6y08sxcxbpwhvs9nhn9gw3dygmr81c1repv85rb5sat9yevxxk92zxyeykttbfk13cswb940xscdymd4sza6vfqwzvd4y2m7xmy5d4z8fwzg5gkpxq3v3z5wf3by6zexgj0ngy8s48x0tgdzsd2hgxr2kyz8a8hznkk1tq6cx1sfkxw3avex7qgkj50j8qpr10n83q22nbyshy0ferkt4aafavra76emnmqrmfyy3b7q6wssmwxshgfwg05ezcwaeynqgf2pak5266d8648qe3syqms2gbxkaryr09trm338ktdd5addh6qsf017b7a0rxj982s5p8s3fpeehjvegkxyj1sagg&b=YyyKDgABtKgKd6OlAAVyGX24HONYckrlZ68Xjw
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 9889 2 KB
2 KB 41ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g5jfej2kvdnxfg0mzfadv1c713wq36ds2mcjq7ygspkkhfmfmjma49pze6haxrx366gpye7gh0te5ymbqvrgz73by0zft3bxdv4wm54v3gynsbxwwbj71xhsg9jbwhhgxkxwmjha7b5scywwtw2cwvqx43sgj2eqc7ev01w4anzc5tzsdtr6191p1e8rfvqqfrejte0f15f3msa498x103p832x2p8qkj5v6bpct00vjznaf0xhf5axg0552gpkx6w6rq0j4ns448f5g5x2hvb2fmywh2vr8rgbc73r3henpqbjd04edan33d64mp4225xh836b4z7x96v5zqgw5fe2jg991p5e5h3zm1xv9bg2ykky374aeyp2s1a9r6hyhh1b778ct0dy9ydqkpg8p3pf00a2rkkz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%26client%3Dca-pub-1276641434651360%26adurl%3D

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1ff2845f11ddcc05e0ad3c383c375bf618611b2c0a46755d06cda1b93b51f85

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec567bde8a9bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 1CF5 3 KB
1 KB 52ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:52:56 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 72F9 1 KB
749 B 65ms
54ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 1CF5 17 KB
7 KB 52ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:28:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1CF5 0
0 83ms
70ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6dcgP35PnTR5FCaLXflhOPsAE5n4A4IjYRYpMBXwsUm1UrgH3aCEZj6K65DNT0NDDb0dMzvdCoa6QX9uRWXuwenGtPQ
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1CF5 22 KB
7 KB 54ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 07:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 07:13:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1CF5 140 KB
44 KB 202ms
189ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:15:10 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 54B9 3 KB
4 KB 61ms
35ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20767592
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSOO6n8nrvSa2BoI74chvUMuIDm3%2BkC2mIgvARoneSdvIg2JbVI2XZ3t9sXE3Joi44cs2Tseo7uDDKO7wm1l4MEk4PbNqXzYD5LZWqjK19gInZCHpGCwkRUwFDSsi18Q8jO7UKKdPnXKqeq0gJ2sOopE"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 74ec567c1d625be1-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame E01C 4 KB
1 KB 150ms
55ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 14:56:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 16:15:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 16:15:10 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E01C 205 B
518 B 175ms
58ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Sep 2023 16:06:09 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E01C 604 B
694 B 211ms
94ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:05:26 GMT
x-content-type-options: nosniff
age: 584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Sep 2023 16:05:26 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/ Frame E01C 19 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccd56192935bead3c190529fa8a4aa18908c58089a415adcd26bbbece8719548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8229
x-xss-protection: 0
server: cafe
etag: 9754140552441161425
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 16:13:26 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/ Frame E01C 12 KB
6 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a99644bc91da89a412fed44f9c214bfbc6727daf9485edd3c8ab2c7b4006a623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 03:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5802
x-xss-protection: 0
server: cafe
etag: 3173403343623169035
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 03:31:41 GMT

GET
H2 200 13f3f09bfb49b566c7b639b7608c1c0e.js Show response
www.gstatic.com/mysidia/ Frame 36C1 10 KB
5 KB 152ms
47ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/13f3f09bfb49b566c7b639b7608c1c0e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 21:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4281
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 21:18:18 GMT

GET
H2 200 5587343474cc56ee2b095ca803ffba7b.js Show response
www.gstatic.com/mysidia/ Frame 36C1 9 KB
4 KB 158ms
54ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5587343474cc56ee2b095ca803ffba7b.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e6bda52130a8da7876cc4068cdd3eaf0a2f6a1e3420d27df0c3f8c057731ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 21:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4266
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 21:18:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 36C1 2 KB
902 B 65ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 16:05:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 36C1 23 KB
9 KB 66ms
51ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9574
x-xss-protection: 0
server: cafe
etag: 3447265524526809024
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:59:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 36C1 3 KB
1 KB 66ms
52ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:52:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 36C1 17 KB
7 KB 66ms
52ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:28:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 36C1 0
0 84ms
69ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiUoV2u5kk3SruamN0Gs9Z1c-dqpWBE4E-KsniPrBLxteTtH9hD4Jbbprrr-tcgFCjjNC9gb3mW98hv3LBIYSJgVhUcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36C1 140 KB
44 KB 147ms
133ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:15:10 GMT

GET
H2 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 36C1 33 KB
13 KB 161ms
59ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 21:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 21:18:18 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 14ED 2 KB
1 KB 30ms
24ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2405399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 74ec567c3f489bb0-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2F9iNj4uIC4WteDGL78MD6ePwqRbyNWRi7hOw4jTdIEt0uyK%2B5EpEJrNQChfW4XDy56BpF90iQf%2FeRtaS4p839AgSTvJW%2BM0m%2F3mr%2BX0LiuCdynyFt1Ia5AbEOFKzL2%2FbhnsqJM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame CF93 85 KB
11 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kjtg790vfj0tv3860ntyzxsmzjfqsvf2pft7f6wf0jxqnpymscwh958hp37kxdektj3ecn3t7pndbg6tmc3z048xyms8xhmqjmdncwpmcd6agcwb41djnstpjk225stkw03pdfq9mass3ct81dk436b0qnsd2v5kwea1vd9hd2q7wb6pqhzyr9jjhbq1vkv7kx45r4bj84vx7c7f3tktvs289ryfysk4w3wp467ek9zem5vt4tc8yje9tskn1t576ckz5afpq14yjmeym2vttxw1rz78n0jk6hcf9nyrmf4rnzd3g27zr27zgrvkqrqhk6c3vpr0cyffj5qdy72ffmbskkdzvhtzav1zcxy56pbb1bg8kzzh0f61hswpymkb1jp7fan7ps8v0d7t3g88a7ysyya2444&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%26client%3Dca-pub-1276641434651360%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kjtg790vfj0tv3860ntyzxsmzjfqsvf2pft7f6wf0jxqnpymscwh958hp37kxdektj3ecn3t7pndbg6tmc3z048xyms8xhmqjmdncwpmcd6agcwb41djnstpjk225stkw03pdfq9mass3ct81dk436b0qnsd2v5kwea1vd9hd2q7wb6pqhzyr9jjhbq1vkv7kx45r4bj84vx7c7f3tktvs289ryfysk4w3wp467ek9zem5vt4tc8yje9tskn1t576ckz5afpq14yjmeym2vttxw1rz78n0jk6hcf9nyrmf4rnzd3g27zr27zgrvkqrqhk6c3vpr0cyffj5qdy72ffmbskkdzvhtzav1zcxy56pbb1bg8kzzh0f61hswpymkb1jp7fan7ps8v0d7t3g88a7ysyya2444&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%26client%3Dca-pub-1276641434651360%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871074
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec567c4f5c9bb0-FRA
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame CF93 36 KB
13 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kjtg790vfj0tv3860ntyzxsmzjfqsvf2pft7f6wf0jxqnpymscwh958hp37kxdektj3ecn3t7pndbg6tmc3z048xyms8xhmqjmdncwpmcd6agcwb41djnstpjk225stkw03pdfq9mass3ct81dk436b0qnsd2v5kwea1vd9hd2q7wb6pqhzyr9jjhbq1vkv7kx45r4bj84vx7c7f3tktvs289ryfysk4w3wp467ek9zem5vt4tc8yje9tskn1t576ckz5afpq14yjmeym2vttxw1rz78n0jk6hcf9nyrmf4rnzd3g27zr27zgrvkqrqhk6c3vpr0cyffj5qdy72ffmbskkdzvhtzav1zcxy56pbb1bg8kzzh0f61hswpymkb1jp7fan7ps8v0d7t3g88a7ysyya2444&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%26client%3Dca-pub-1276641434651360%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192889
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrKmqgthkIDIvFo%2FZUyMpiI7MkRgGASmhN7y5ugBcXtEjzRV%2FWp4Shsh%2FCIcXpmPU5E%2FbyJq7x0GWiMJHNOXDwZ9%2B0Que6vsAOecteQUi5FxKaWTRjKty8BeeWvtgAMtpXuV7KA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 74ec567c4f629bb0-FRA
expires: Wed, 14 Sep 2022 13:04:27 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CD7D 0
0 90ms
89ms Fetch
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf_6tDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBI0CT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8sa8JmqkDC3YBGj8LqRB0rLtaxzWpm2U41iCJ9IdXP1vT0x4KatfHPgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTI3NjY0MTQzNDY1MTM2MBjqoxo&sigh=BQx0fvlOJqE&uach_m=[UACH]&cid=CAQSOwCsnQUxrGK6G4WgCX_aRNvv5mpFaZchyYzEFozSHsY6Rx12EvjQb5ENd4PzeBr1rpnfKPOQuY6lkHuyGAE
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame CD7D 0
0 41ms
41ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j8btyjjdsawv407k26p9dxgv30r61wwky3pjjrf1v8r9s7kw4wqvap19vcpak3yabmxp0dd5vs27d24y85yqe3e33cvz75mt2nxwv9afts1nj19avx5r4hxtn9qnxe9g1cwm6trfmzqh6ex3wptv4bjj1k6tz4yxrx1fqrkp2enp1q74jqk9qfebvg3nzwbxr72b21qwvqehcjjf0csjsr3pnwh00yj52mv3ke2773j5z9fybaygehp1jd2fjckeqxey5v3gzsetv7v6aaeq9ez5krtyqd04t0jmrddr0aehxny260hvcj5mztezekb21sv9p9qw1t6z4qahp9zeezrc20z93tp6t3nc3qnyjjs3qbavgda3md29sadvh5zgbbjgg3jna3hfvxtsqvjng8&b=YyyKDgAEt38Hg4NXAASDXtt5CjA8q76X-iNT2A
Requested by: Host: www.secretchina.com
URL: https://www.secretchina.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 0ADC 2 KB
2 KB 31ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h9dk1w51bkkpw38tv98bb6a8jtk513rfqvq51sbe7s4ewnak40k2h9z4vc5texe79q4nydgb1j45nvm6dq7sqyhxaasq1axrssk0c58g13zdhwfhp9464vhvv16ebv14wkck58tzvkrm4vmj9vaf4rtc5wthnynafck3sfhx8336xf7rtvrh1fdbf3cwccnt73k9t2yzrmscqn0h56vy92mqrg3x8vcrsbqj0b54d9a4vjgxjpwvthvp1s6x9081tb022jrhp2n20h8abjy1r2w8gpg6k13pyny1b0b4dgtvgt4sh0veh4w4477temerkeh9zvzz5mvvrw4pbwee3dhd0dkhenqs7tqcs5gbmatxj0y160rrkn7d3jtymf5y1nrhgk7a4zvwpp0fg1ab7rx8c8fv4a6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%26client%3Dca-pub-1276641434651360%26adurl%3D

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe2ea1dca949d6cba57e8b57f633943505ff2111a4a2786f7c7f92cac88cf6d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec567c5f899bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame CD7D 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:52:56 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9E09 1 KB
749 B 50ms
47ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame CD7D 17 KB
7 KB 42ms
37ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:28:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CD7D 0
0 71ms
68ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNLeKOMuFTpc1eM7oEpMHNL6jbLNqkJ8H-kFwUcnhlz6KE-q86fZ1vUL98DOCRQQ80gx3CBwSwDtBqMLUthUr2NP-_uw
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CD7D 22 KB
7 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 07:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 07:13:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD7D 140 KB
44 KB 135ms
133ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:15:10 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 9889 85 KB
11 KB 29ms
25ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5jfej2kvdnxfg0mzfadv1c713wq36ds2mcjq7ygspkkhfmfmjma49pze6haxrx366gpye7gh0te5ymbqvrgz73by0zft3bxdv4wm54v3gynsbxwwbj71xhsg9jbwhhgxkxwmjha7b5scywwtw2cwvqx43sgj2eqc7ev01w4anzc5tzsdtr6191p1e8rfvqqfrejte0f15f3msa498x103p832x2p8qkj5v6bpct00vjznaf0xhf5axg0552gpkx6w6rq0j4ns448f5g5x2hvb2fmywh2vr8rgbc73r3henpqbjd04edan33d64mp4225xh836b4z7x96v5zqgw5fe2jg991p5e5h3zm1xv9bg2ykky374aeyp2s1a9r6hyhh1b778ct0dy9ydqkpg8p3pf00a2rkkz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%26client%3Dca-pub-1276641434651360%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g5jfej2kvdnxfg0mzfadv1c713wq36ds2mcjq7ygspkkhfmfmjma49pze6haxrx366gpye7gh0te5ymbqvrgz73by0zft3bxdv4wm54v3gynsbxwwbj71xhsg9jbwhhgxkxwmjha7b5scywwtw2cwvqx43sgj2eqc7ev01w4anzc5tzsdtr6191p1e8rfvqqfrejte0f15f3msa498x103p832x2p8qkj5v6bpct00vjznaf0xhf5axg0552gpkx6w6rq0j4ns448f5g5x2hvb2fmywh2vr8rgbc73r3henpqbjd04edan33d64mp4225xh836b4z7x96v5zqgw5fe2jg991p5e5h3zm1xv9bg2ykky374aeyp2s1a9r6hyhh1b778ct0dy9ydqkpg8p3pf00a2rkkz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%26client%3Dca-pub-1276641434651360%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871074
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec567c8fe19bb0-FRA
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 9889 36 KB
13 KB 35ms
26ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5jfej2kvdnxfg0mzfadv1c713wq36ds2mcjq7ygspkkhfmfmjma49pze6haxrx366gpye7gh0te5ymbqvrgz73by0zft3bxdv4wm54v3gynsbxwwbj71xhsg9jbwhhgxkxwmjha7b5scywwtw2cwvqx43sgj2eqc7ev01w4anzc5tzsdtr6191p1e8rfvqqfrejte0f15f3msa498x103p832x2p8qkj5v6bpct00vjznaf0xhf5axg0552gpkx6w6rq0j4ns448f5g5x2hvb2fmywh2vr8rgbc73r3henpqbjd04edan33d64mp4225xh836b4z7x96v5zqgw5fe2jg991p5e5h3zm1xv9bg2ykky374aeyp2s1a9r6hyhh1b778ct0dy9ydqkpg8p3pf00a2rkkz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%26client%3Dca-pub-1276641434651360%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192889
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryQTGL12PB3fagy3xC7q3gpwdtbKbLgi77L4SZjZnTJY0ftn2KCm6qQfOddgp1xoEdrfLJl2S5L7hM%2FI1Y8%2F%2BOLh2s1jh0YxBndPvHtccx69nE5WY3byVA7JHDLPnRQt7LMjMmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 74ec567c8ff69bb0-FRA
expires: Wed, 14 Sep 2022 13:04:27 GMT

GET
DATA 200
OK truncated
/ Frame DD7C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84ffdf7e7dd4c44328f1217ba1f8b070f864cca12bbdd3d0025ced15f9ffea6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1CF5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d2a23d9da3ee5c2a2e38af67bf2bea7de91b63bb6c01c9436d7e4a4753f71d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E21D
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGQbx9D2mq7cNM9HjCkRSH0&google_cver=1&google_push=AZmPxg_W80HouBSl4PT6_Jo0LYNpd-4gVeBp9i-CaxJaDqYBfatMAk_Kod...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_W80HouBSl4PT6_Jo0LYNpd-4gVeBp9i-CaxJaDqYBfatMAk_KodnpIJZrwA4T2mSyQ4QBqYBnI9KzP8xt6uintpIulwW62Q&google_hm=he2TnCE9fC...

170 B
188 B

86ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_W80HouBSl4PT6_Jo0LYNpd-4gVeBp9i-CaxJaDqYBfatMAk_KodnpIJZrwA4T2mSyQ4QBqYBnI9KzP8xt6uintpIulwW62Q&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_W80HouBSl4PT6_Jo0LYNpd-4gVeBp9i-CaxJaDqYBfatMAk_KodnpIJZrwA4T2mSyQ4QBqYBnI9KzP8xt6uintpIulwW62Q&google_hm=he2TnCE9fC4_Hy5y3Tqvmw
pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame E21D 0
98 B 172ms
40ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-A5HTXBCGNs6BAaUWBU_D6eD0foh0ZxTRA-7pQXJ38-OaRqVB2fB0gWRZq_v621tRT4yv6w2w0FOBbE70Y6uZy6fmJq74N&google_gid=CAESEI4MGrmE4f68IkKO6FuYPEY&google_cver=1
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E21D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg--b8ME...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg--b8ME...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDAxNzIwNTM5Nzg2Ng%3D%3D&google_push=AZmPxg--b8MEQvM-SJgArcBUD_AB-oF4LT5PS4ACT0CgOKw1ttlquPPuXzRMTX67mEzJDS...

170 B
188 B

67ms
64ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDAxNzIwNTM5Nzg2Ng%3D%3D&google_push=AZmPxg--b8MEQvM-SJgArcBUD_AB-oF4LT5PS4ACT0CgOKw1ttlquPPuXzRMTX67mEzJDSduAV8Bk8bEz4uLsvsVhlzO1bq3u3e7Kg

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDAxNzIwNTM5Nzg2Ng%3D%3D&google_push=AZmPxg--b8MEQvM-SJgArcBUD_AB-oF4LT5PS4ACT0CgOKw1ttlquPPuXzRMTX67mEzJDSduAV8Bk8bEz4uLsvsVhlzO1bq3u3e7Kg
pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 22 Sep 2022 16:15:11 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame E21D 43 B
64 B 103ms
43ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEL7BvBuHJs_mRjRmjbSUZPo&google_cver=1&google_push=AZmPxg-4yJ88RKzGQ1BAoeF9UVwiXgcJK2g3atttBp17LL5WGKkXtNjUxvYbKxOWkOF5fTW-lUV2NnW-7hSG7R9eB4GFp-jMB10nrg
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 4mhevoe2jij0lnf1i5pf5phq4at7g80v

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E21D 0
41 B 23ms
20ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOQo_tqaF8RNCEVDPe1biyg&google_cver=1&google_push=AZmPxg8Kz9O2OAvVUJ6K66hngp31gT_WeJSo-dGiDButtWqs5xBRArhX-DNJti9mTrbaMsEo8NhsZgU3OUXI8jR-yDLD-el4uIC5yA
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E21D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBd-KJNbejDfnWKNO3iFwdU&google_cver=1&google_push=AZmPxg8yhhj4JXACi7gTCUi_FzTxw6lwZkNQAzdgwSl7jL5D08OA95cflipVKfOPdpHeTgH-0WO...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3OVAtUy1KUk1a&google_push=AZmPxg8yhhj4JXACi7gTCUi_FzTxw6lwZkNQAzdgwSl7jL5D08OA95cflipVKfOPdpHeTgH-0WOGxuZLAHMOBzvRFZ0xaePd2CzwoA

170 B
188 B

87ms
57ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3OVAtUy1KUk1a&google_push=AZmPxg8yhhj4JXACi7gTCUi_FzTxw6lwZkNQAzdgwSl7jL5D08OA95cflipVKfOPdpHeTgH-0WOGxuZLAHMOBzvRFZ0xaePd2CzwoA

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3OVAtUy1KUk1a&google_push=AZmPxg8yhhj4JXACi7gTCUi_FzTxw6lwZkNQAzdgwSl7jL5D08OA95cflipVKfOPdpHeTgH-0WOGxuZLAHMOBzvRFZ0xaePd2CzwoA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E21D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFfuT8fUG5kWOF03WewSXVI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFfuT8fUG5kWOF03WewSXVI&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg_QCQKgFMAz91Gxty5IPR6U1v5kqizbr...

170 B
188 B

54ms
49ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFfuT8fUG5kWOF03WewSXVI&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg_QCQKgFMAz91Gxty5IPR6U1v5kqizbrvmIcUzxmzjeFSKS-Zr0nQ_ftlyrAteXau67fsxfT0vatWPcUHjnhPd4fCzXee4h

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFsOQVvlAKaTfp33NuI3nJhpXF82d4wGraoWsoblWSUkjC6PbiGDRpDtstS5LbxcNE%2B43BmE0XcK%2BvQWvMWK45BNmwUj6c081KqRYb2%2BgmyiTRZu%2Bm6hW9IMYf64Mv98x7jBQOZww5T%2FCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFfuT8fUG5kWOF03WewSXVI&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg_QCQKgFMAz91Gxty5IPR6U1v5kqizbrvmIcUzxmzjeFSKS-Zr0nQ_ftlyrAteXau67fsxfT0vatWPcUHjnhPd4fCzXee4h
cache-control: no-cache
cf-ray: 74ec567cdf899b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E21D 0
12 B 64ms
61ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCYklVIibCenospPiXUx3giJlH7O83s_QjXAsB_rEMcCbpLNMnE2Rl8hYAKN3RRW41JW8N

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 0ADC 85 KB
11 KB 54ms
45ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h9dk1w51bkkpw38tv98bb6a8jtk513rfqvq51sbe7s4ewnak40k2h9z4vc5texe79q4nydgb1j45nvm6dq7sqyhxaasq1axrssk0c58g13zdhwfhp9464vhvv16ebv14wkck58tzvkrm4vmj9vaf4rtc5wthnynafck3sfhx8336xf7rtvrh1fdbf3cwccnt73k9t2yzrmscqn0h56vy92mqrg3x8vcrsbqj0b54d9a4vjgxjpwvthvp1s6x9081tb022jrhp2n20h8abjy1r2w8gpg6k13pyny1b0b4dgtvgt4sh0veh4w4477temerkeh9zvzz5mvvrw4pbwee3dhd0dkhenqs7tqcs5gbmatxj0y160rrkn7d3jtymf5y1nrhgk7a4zvwpp0fg1ab7rx8c8fv4a6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%26client%3Dca-pub-1276641434651360%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h9dk1w51bkkpw38tv98bb6a8jtk513rfqvq51sbe7s4ewnak40k2h9z4vc5texe79q4nydgb1j45nvm6dq7sqyhxaasq1axrssk0c58g13zdhwfhp9464vhvv16ebv14wkck58tzvkrm4vmj9vaf4rtc5wthnynafck3sfhx8336xf7rtvrh1fdbf3cwccnt73k9t2yzrmscqn0h56vy92mqrg3x8vcrsbqj0b54d9a4vjgxjpwvthvp1s6x9081tb022jrhp2n20h8abjy1r2w8gpg6k13pyny1b0b4dgtvgt4sh0veh4w4477temerkeh9zvzz5mvvrw4pbwee3dhd0dkhenqs7tqcs5gbmatxj0y160rrkn7d3jtymf5y1nrhgk7a4zvwpp0fg1ab7rx8c8fv4a6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%26client%3Dca-pub-1276641434651360%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871074
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec567cf9179bb0-FRA
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 0ADC 36 KB
13 KB 50ms
32ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h9dk1w51bkkpw38tv98bb6a8jtk513rfqvq51sbe7s4ewnak40k2h9z4vc5texe79q4nydgb1j45nvm6dq7sqyhxaasq1axrssk0c58g13zdhwfhp9464vhvv16ebv14wkck58tzvkrm4vmj9vaf4rtc5wthnynafck3sfhx8336xf7rtvrh1fdbf3cwccnt73k9t2yzrmscqn0h56vy92mqrg3x8vcrsbqj0b54d9a4vjgxjpwvthvp1s6x9081tb022jrhp2n20h8abjy1r2w8gpg6k13pyny1b0b4dgtvgt4sh0veh4w4477temerkeh9zvzz5mvvrw4pbwee3dhd0dkhenqs7tqcs5gbmatxj0y160rrkn7d3jtymf5y1nrhgk7a4zvwpp0fg1ab7rx8c8fv4a6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%26client%3Dca-pub-1276641434651360%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192889
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuL9eovDHI%2BtEfih9rkjoTd1lQ%2BParqGR4IHjlypP%2BPupAPIqz34ZT8d%2By3nyHmIzfjScB%2BH2R9maAOQQQ79BQjTgziJS70sGIhCo0MfqbTIHQSCz7%2F5yZg1M5dqX7FNQ3OMzxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 74ec567d196c9bb0-FRA
expires: Wed, 14 Sep 2022 13:04:27 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 72F9 35 B
210 B 49ms
0ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELRMHJ8AD26oyfXBOF2EKFU&google_cver=1&google_push=AZmPxg9uJodX1xQYMmI2KCGKUFh3XEDGASOOBB4YjRGjv0Dyay5PPrW4VtxWzjhy7GPOJyHa3JBfF70XTr-6d5AAlNwimshljOJm

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 72F9 0
42 B 148ms
41ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg92celgG_6oPr8F0DqV_xScxusmxVvsSAZbBTGpXH3idcqPIARhrfLXNfOTuPwlCWC2AZwQV3jsAAWHHncgaFmtel3ef9Jh&google_gid=CAESELEZKa14JMa-AZJ79GitPxY&google_cver=1
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 72F9 43 B
61 B 63ms
22ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEA6Hk6zElcTeEdGP-xgPlaM&google_push=AZmPxg_uFZIqsMDCFGz-E8J8jHAnAyMiv98TBBqo4ZtGnbSZxxbjcDuuJ_yXi9QkV69PKF0NuUCbWerM66Kwsh0XJmram5GT6ryA&google_cver=1
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 72F9 43 B
64 B 77ms
42ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF7AiXoeJ8ZiRDfK4wqgMzc&google_cver=1&google_push=AZmPxg8ncIfA9ML_Uk54hkK97_MUm8gRrT7rRV14mFNjN06XnEPHKsnt8L_L8EbiR_QCYtknx41n8ANz5oDAFW3N-2ctvuEdWdfw
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0he3rkn0lv6547uq5s7b4ink8c6slonq

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 72F9 0
41 B 58ms
10ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIma_nHTAYdBG9Ua_kgsiZE&google_cver=1&google_push=AZmPxg--rY_ubdfxGYmshPtgayFljJ75bdHq5kroxMSqtoxcJJOWZi-POlkHcDTk0WqkvMBQW2m1xE8E6ZOxpB_i24-g0NkSXq_k
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72F9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO31QZW6XYm6T2Zb11IghQY&google_cver=1&google_push=AZmPxg9-Bd6lUYmd5PPsoRKUClQqSdr6KVbvXjVqvy0sqazj--up1aOawuG3OLwMDhoj6lSCm7d...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3QjktMjgtMlk1NA==&google_push=AZmPxg9-Bd6lUYmd5PPsoRKUClQqSdr6KVbvXjVqvy0sqazj--up1aOawuG3OLwMDhoj6lSCm7d6rmsFx7lDWH_kZ5c_IE7tG54

170 B
188 B

59ms
50ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3QjktMjgtMlk1NA==&google_push=AZmPxg9-Bd6lUYmd5PPsoRKUClQqSdr6KVbvXjVqvy0sqazj--up1aOawuG3OLwMDhoj6lSCm7d6rmsFx7lDWH_kZ5c_IE7tG54

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3QjktMjgtMlk1NA==&google_push=AZmPxg9-Bd6lUYmd5PPsoRKUClQqSdr6KVbvXjVqvy0sqazj--up1aOawuG3OLwMDhoj6lSCm7d6rmsFx7lDWH_kZ5c_IE7tG54
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72F9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELavPKFVq77-mjFbcWoHFHc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELavPKFVq77-mjFbcWoHFHc&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg8sWoXGXx8fmuUIwMwX8-5w6JEg614Em...

170 B
188 B

55ms
55ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELavPKFVq77-mjFbcWoHFHc&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg8sWoXGXx8fmuUIwMwX8-5w6JEg614EmKSkslBnob-xMyBr_k-2nUCIO8OP-b7MXdNTLFscZzFtMtHqO52nkfpUjId3kIg

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2q%2BMaHYNzhIEUYzUXEpo%2BiDE%2FetD4xnPaYTxTPpB2ujJ9StJ8pRHTInFxqsbGLxOnTxQFfv%2BNoPyxdkoPLDPspRcnt1ABCJGHWDZJN%2BC%2FjkCBGdOuIuG23J8ygHGB2BdlIBw8mqs45xpvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELavPKFVq77-mjFbcWoHFHc&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg8sWoXGXx8fmuUIwMwX8-5w6JEg614EmKSkslBnob-xMyBr_k-2nUCIO8OP-b7MXdNTLFscZzFtMtHqO52nkfpUjId3kIg
cache-control: no-cache
cf-ray: 74ec567d386e9b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 72F9 0
12 B 93ms
60ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8IkgxdNteSDnnQ-XxgHCeCnGjZcJQGUBzYs7AI4rTI14M1OQhlCFxBrZrfj0Vv7GLHp9W

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame A958 2 KB
2 KB 59ms
56ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c860752030c2103f252f81663cf87bffb5f488a005bbdd82f0aa6d569a8b3d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 74ec567d9f2c9b83-FRA
date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fs4lQ9fS1D%2FuFLF%2BwBVYvoaqA9r8cBbw0N8KOJnHWJo9GTdpwtu1xIw0m7dyEJDCrFF5flD0%2FGDBqyE8mPfJ3%2FsS88D8E7Nk6Zt2dBX7%2FbV4ST474Z%2FOlWml04icvBvuM25bAIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2p34

POST
H3 200 rs Show response
ad4m.at/ Frame 38CD 1 KB
2 KB 48ms
47ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e108851e31ceefe2af3becd54cd7880b731665da2cca6fda6abe4d5d3257b009

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 74ec567d7ee99b83-FRA
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2s6JpDHJgl1YAV5MWqru8Q%2FGSPfsjQqWCyMBUZHNefuiNmwZXx8fWA7YpwAUipBzSF%2FQXebYp23PAA0rcJalFRmwyQCmLBVLS%2BGq7XFWq1txlg8eWSZMV5YEVJFaFVqXsMpSf8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2p34

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 77ms
41ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74ec567d3e7b9b83-FRA
content-length: 24
content-type: text/plain
date: Thu, 22 Sep 2022 16:15:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2TuqECueaWmQyT9K%2Ba2arGDCWbr3HXiM5He968TiCVRDvBZlSEu3BSooTFWK8x%2FOCfkAsoGU0RJ%2FT%2BrB0icT72%2FCxwtRAx0RLdyQCW7lBOPzXZLonAf2fqVR76iU%2F3PeiistqE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 70ms
36ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74ec567d3e7a9b83-FRA
content-length: 24
content-type: text/plain
date: Thu, 22 Sep 2022 16:15:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Rj%2BzodT6Wok%2BZMVOR8n7fk8UMn%2Fgjcl0WAd55cg00AvFCWvrvYPuyAXLPp7L3O69xO70J00kjYegHZVnZLZURef37MRQ10DS2Xyc3b8F3bekyGCHkA9gsfQjaxmZJWiwMnlEas%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CF93 3 KB
4 KB 60ms
29ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20767592
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDfN3Uwyr903xN3ExwZdJnIkb69E5tU47YwGciXYDW4QMtKweXay%2BXch4GkK0248iLkursFrGFlJOXpyWh2c1xBCVVrlTsu7qZusuDvpwC3dNDbQxtu4cwco7%2BMo7YA%2BSWQ3MUohqWbmRpvDzafyAajY"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 74ec567d3ee15be1-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
DATA 200
OK truncated
/ Frame CD7D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84311bd0dc2298a0ab71b53b28a5cc78d782914f3775ef9e4ec3e7e5467d90e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame D300 2 KB
1 KB 47ms
23ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2405399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 74ec567d49e89bb0-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3o4vJYfgjS%2BWwuCrIXkuAYg2ptMxB0343VJVfDNgLN4Cgr1iKTsp0o39z2g53pQeGD%2BMeF6%2B%2B1ZxhLeFg9BQ2bYRo8tdjEUQjqFZU4cwMkU2ZzHrU5XaEZP8dPN3Jj0k7vYX2E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E09
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBxlj1La05JCAgsiBba9jJk&google_cver=1&google_push=AZmPxg9EfvnTsi8gNAdgfbH6g4JjgJQRUFswry67fHetYyKMHScxfhc2q-...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9EfvnTsi8gNAdgfbH6g4JjgJQRUFswry67fHetYyKMHScxfhc2q-6S217iO_RBVgf2-XWW-mSZB_Zix9c4wvrhs60q8pJn&google_hm=he2TnCE9fC4_...

170 B
188 B

61ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9EfvnTsi8gNAdgfbH6g4JjgJQRUFswry67fHetYyKMHScxfhc2q-6S217iO_RBVgf2-XWW-mSZB_Zix9c4wvrhs60q8pJn&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9EfvnTsi8gNAdgfbH6g4JjgJQRUFswry67fHetYyKMHScxfhc2q-6S217iO_RBVgf2-XWW-mSZB_Zix9c4wvrhs60q8pJn&google_hm=he2TnCE9fC4_Hy5y3Tqvmw
pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E09
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_HWVcd...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_HWVcd...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDAxMDcyMDUyNjc5Nw%3D%3D&google_push=AZmPxg_HWVcdJcCapBYxSSGFe2Hi68gLMMc-avtDjTQCab-tn99CH21BvpNDZx8es2TzGn...

170 B
188 B

68ms
65ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDAxMDcyMDUyNjc5Nw%3D%3D&google_push=AZmPxg_HWVcdJcCapBYxSSGFe2Hi68gLMMc-avtDjTQCab-tn99CH21BvpNDZx8es2TzGn5PhTPHYA521e5b6YG4YhriThuSUjc-

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDAxMDcyMDUyNjc5Nw%3D%3D&google_push=AZmPxg_HWVcdJcCapBYxSSGFe2Hi68gLMMc-avtDjTQCab-tn99CH21BvpNDZx8es2TzGn5PhTPHYA521e5b6YG4YhriThuSUjc-
pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 22 Sep 2022 16:15:11 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 9E09 43 B
64 B 70ms
49ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDeGCKFF2VwpO1hDrnAIAH8&google_cver=1&google_push=AZmPxg8SKOZd48sRj41yB2GXBH0pMHIYZaD5gE9Z1X8vO1-tbgcXmn7ViYF6LOLb79jpnpxBt1KG0wUksjRU-dDtnXayEtCdDdPI
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: rt1jq5c8bcgdlmgddncb2elcfno8uftm

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9E09 0
41 B 40ms
15ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAqV36ywdpvznhQPzKoNo6Q&google_cver=1&google_push=AZmPxg9fx58LPFFQ5qzCYjBmhllRKWgpeoNwJRgfWP1cJDexcfkrCDiF5w0OykbK-GDaov1WgdVei-3OcnJZ821OzAs-g68ZE5Y
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E09
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsprMkqq8CY15EJwtZbKr8&google_cver=1&google_push=AZmPxg-V2Srk26BDSF7gT_Vm8Tnj6_Xv5pXgq1pth9LXPxqoJfT0CL062RdObozo-SGKfdfCdya...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3Qk0tMVUtS1k0SQ==&google_push=AZmPxg-V2Srk26BDSF7gT_Vm8Tnj6_Xv5pXgq1pth9LXPxqoJfT0CL062RdObozo-SGKfdfCdyaZQqnF3pd2f3r8wMkjUTNqV7Ib

170 B
188 B

61ms
50ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3Qk0tMVUtS1k0SQ==&google_push=AZmPxg-V2Srk26BDSF7gT_Vm8Tnj6_Xv5pXgq1pth9LXPxqoJfT0CL062RdObozo-SGKfdfCdyaZQqnF3pd2f3r8wMkjUTNqV7Ib

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3Qk0tMVUtS1k0SQ==&google_push=AZmPxg-V2Srk26BDSF7gT_Vm8Tnj6_Xv5pXgq1pth9LXPxqoJfT0CL062RdObozo-SGKfdfCdyaZQqnF3pd2f3r8wMkjUTNqV7Ib
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E09
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBa_wxMUICgMXds8enwK4UY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBa_wxMUICgMXds8enwK4UY&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-nML1fhprM1zjbnek-e9ZZXoAqc8w_2...

170 B
188 B

50ms
50ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBa_wxMUICgMXds8enwK4UY&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-nML1fhprM1zjbnek-e9ZZXoAqc8w_2dnKkQ1216rIEjRy3eaOYyijVmcDfO4NfAobdTUwisVkftCRvmmDOEcisQjzRio

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK5qJdTzApgZUr7VDivY6CcE%2F8ohxWv2mpxvb3N5tt%2FRK%2BERaPAF1k2laqwVuYLPwnQuJ72UEU3lsEduycxnnBj%2B0vbxIrtZk7nii0VVpA74xa8JHud6j8DhzOiAzuxMzUY7Gdbit8YeCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBa_wxMUICgMXds8enwK4UY&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-nML1fhprM1zjbnek-e9ZZXoAqc8w_2dnKkQ1216rIEjRy3eaOYyijVmcDfO4NfAobdTUwisVkftCRvmmDOEcisQjzRio
cache-control: no-cache
cf-ray: 74ec567d48a79b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 9E09 43 B
295 B 470ms
24ms Image
image/gif 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEM3qVrS3xZLYrYJs8__Yepo&google_cver=1&google_push=AZmPxg83_Uv0cnETalro-eiaCLfT3XWHOqs0WZUfPwY98ycbD5ZJt2T7ERsndEzaDcl68LOvjjAa0WX9a7wF8kpIaOzTa6O5FmC9
Requested by: Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9E09 0
12 B 70ms
52ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IhNUFfdKQ_6E1VUQBlFbPHg6hiTQSNhE8Nw-iFlpaf4dKe8NS3tKk-nMElAedjV2HTSNZI

Requested by

Host: 82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
URL: https://82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9889 3 KB
4 KB 44ms
27ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 22 Sep 2022 16:15:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20767592
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNiVaqLfs6Q0crYTL1FPDG86dEYHWrKv4sVu4H6YgFYIbBO1%2FSvTLaBDb6A1aCO%2BL0bYLD1xf7eFnJzk0g%2FxLWXkBc5NUC%2F8mrHmY9wy%2FlPYRmph8Mqy5xh3koXMsRDRfrHk5FYPFUHhEtWl13AHlcCH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 74ec567d4efc5be1-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6B6F 8 KB
893 B 138ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 14:54:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 16:15:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 16:15:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 6B6F 2 KB
902 B 49ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 16:05:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 6B6F 23 KB
9 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9574
x-xss-protection: 0
server: cafe
etag: 3447265524526809024
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:59:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 6B6F 3 KB
1 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:52:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 6B6F 17 KB
7 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 15:28:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6B6F 0
0 74ms
72ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSd-pQNGb-O5qjWIJ2C5D8w4KLG3ZBRdvZWZUwcu8Hrw7Cnqi2HGqB4kGDouJB_HKFtyTI7MP9sBGeENnLzZcuhmP4CQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B6F 140 KB
44 KB 117ms
115ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:15:10 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 6B6F 33 KB
13 KB 151ms
49ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 21:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 21:18:18 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 74BE 2 KB
1 KB 34ms
25ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2405399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 74ec567d9a989bb0-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 22 Sep 2022 16:15:10 GMT
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9TZ1XBD5HVvIrI6Zn33f7khxCcsnB0Ko38QgUsD8Gcc4hqySyat0MQ9tzBbFnjukHsg0xA05ACTEfsgHvROaFD4OAYgGN07qhugTexOicZ8nquwM6%2FCllqOBModAOrKvldiMxo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB9C 143 B
166 B 48ms
47ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:37:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FAB1 1 KB
749 B 48ms
47ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 54B9 2 KB
2 KB 51ms
50ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b413f500a3af4bca4c144fa8bddf381faa5f1ff1be518efe8211e487f361480d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 74ec567e894a9b83-FRA
date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BR5ifcsZFl91e77QxfeufiIt5uW%2Fgi8SWMMk9wvXbpwy%2F%2B45UZHLmYMfCN2x39tLhyXQdxm303F2TH%2BErnzbTXsvNJLWT7oIVaOAECn8NRRP%2B7tzeDY%2BfBsfGIRO3gJwWMQkQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2p34

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 33ms
33ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74ec567e48b99b83-FRA
content-length: 24
content-type: text/plain
date: Thu, 22 Sep 2022 16:15:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFUgFBo%2Bp1ebtD2C1uV4rQiKxu8SuhImxREzR9bSu7hxn8sRnH7FptnYwNknwfWzjaRsgumU4umaqJuU90Gumc8vyfwhy2VxqrdAIIJcsugKY40txLClv4UuR0EuFMT1qk%2BS61w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 3FEB 11 KB
5 KB 47ms
46ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6789ab78a8f1a9fb9864311d88770462e447bc53b4720799a58b726dec69c6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kph083wevzmw8x96t6bprv2jt8s98hdv0yasw1sxb6mrck2pqf76fvfcfqsdqbrz37cm6e4q579z0rxm7zymfft5mend32t9717aaajrm8jt3ptszswva2p5k99qsrxcqhxd3mdx38re6v053jv6b63h5qm4md1h2n6k3cb507zr9xz2h5sdhc7b2j2zj9xptksvzq455zyj5dpx4wac67he3mx60s0mzfc80c6vt878gbq1xds153dwjpp0hdgtqswghgt8mmbzce5apz1tbh06cr25c962mshyae6n1kbszqbeacd81y9dpjag5tbadz2j08amzdexyeg403hw4y8mr6qmv2x085200ktamp9x9stss1dcjq7p3mq4d50r2mm1pdcxgfsca7cs69j33ema6z7dztkyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%26client%3Dca-pub-1276641434651360%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec567e6c179bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4DAD 11 KB
5 KB 45ms
45ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32815ff741aadf5695bcd86d7a4c9717d0e853ff4f9c34bb3ec148e5489bc7a3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k18xfz2q6qky9x7phpjs314xay6barkah7ycbj4b2pk2yzr26dmfxecr4tw5qstbw1dxrsd2388ed6kw7f36yetxgb4kt8f01mfqs98sqjvq05fcpjtp143d22x4rkzrqmjgkpk9v54eyn396c3ewnnbfh2dn30g3ccf7x7b31kg9bgvnhmzv4bp5mkcya3snjf0rnwkj4m6g62g2zkf2qf00bpfj5x03z0x4n5y3qph5skc33f57y0wjr5zq88nbn29qch4gez1p3b3k9ym4hr4a0jbqway3keg353rf8ypb3zhxay33st3zhbg8sfycgdqmbntd3tmv2q65c5ej1scd301ch8h0xcs2k73sdm41871t7ypa8bhy53393e4hq8ypnk2zs0786kcb9sfs69eqnh94p1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%26client%3Dca-pub-1276641434651360%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec567e9c659bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B9E 143 B
166 B 51ms
46ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 15:37:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 31A5 1 KB
749 B 49ms
47ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0ADC 3 KB
4 KB 29ms
29ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20767593
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7xPb884jYWvh5aXBXfuMnGbdp19FrxGMywHZQrVZy4J%2FV72%2FOlboJOOC1N2Zrj3QtmhSOkkbA6cTgJOrY5ggfkg8fEU%2BtCbxY3DG3Cg7tir8VDaF9i1S7rdMHAG%2Bw8UpY9OmTpUdRMlbm3jBzCmxcDS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 74ec567f091e5be1-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9B98 11 KB
4 KB 33ms
32ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85ec93efa934554dea347ce5342e522232832dd9f991c8959322d1b714958709

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1je9vfr3hk2n943dhw7v4rc98mmfb2srxd27avm7qmvypjf5mns5kd7zm69gsv1a910j54mv0smfbxfqdvbzrr132647ng12n8yv52k4d6smvc17d606qggwqrf5qg5r7a9nfa9zj786jv3n3w0sghn5hmcv63thazt0qj6r080hch6rjvc1mkbaezpvfc2mc78swee4gmag1yz84vxd6bt64cj7er9yzw2vhtevh22j6pjsvv0sym51byb0fzpx2px7hfm54jfz3bdewg4gcg8y9ht5hynn3q2rnaw2tjwzhvenb661bwtr4rhqwpsy2maxynfmkmqx77kb6229h8v74g7cx6waebqph8vfk9tcyj6282av3wxtg87s97mng9dzytmj85dzxnpm12jf84tg3061bnmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%26client%3Dca-pub-1276641434651360%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec567f2d899bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 frame.html Show response
ad4m.at/ Frame 62D1 2 KB
1 KB 27ms
27ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2405400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 74ec567f4dc19bb0-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 22 Sep 2022 16:15:11 GMT
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahAoj1srR8ZItOZMl9SDP86D1jcnsEkZx0zu%2BZomYPaN5WWHtAtl9CvfOPo5V5egsOFbb6QXhfWgXvTl8PfzDaG5zIhtajOM02XqASDbnaBPIIXDcjXgObSXEU8ZbU%2BW%2BNfOgl0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 3FEB 85 KB
11 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871075
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec567f4dc59bb0-FRA
cf-bgj: minify

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 3FEB 8 KB
9 KB 55ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577413
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8yBWo35REn8oFSXS1%2BTjY2c%2BT0RzuW%2BohHX2DyKYTPSCsJ7NkAbEcdv%2Be%2Fv9rrzz2o4cHdn79uvkFmWvojgoManpDgkK2FnUAlSnvgUFmSMOSX1d5P9ZaK7sYzfXALNnoANx49OU%2FSrKgvk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f7fd1bbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 3FEB 93 KB
94 KB 34ms
31ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571565
cf-polished: origFmt=png, origSize=155400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhMqaZf6sEWypKyy5jpq6HhK7ayuNPGv79tH09%2FjRZ%2BrD4diSkbcuM4ugMuTIXEdDvAoPg1CZxqsOuW57jnavo7VjVLUewnoNroKN2SHdUfbYu07KcalufvTQ11AeUvw3RMBN7zAITevKTUs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f7fdbbbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 3FEB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COzmg-3lqPoCFbSW_QcdpxgIsQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bbf8b121-3a91-11ed-9471-2264f100ad21

0
518 B

495ms
12ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bbf8b121-3a91-11ed-9471-2264f100ad21
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 16:15:11 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Thu, 22 Sep 2022 16:15:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bbf8b121-3a91-11ed-9471-2264f100ad21
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 3FEB 38 KB
38 KB 27ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2581247
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YobD58yBnTjy41gR6stuP9U0NoohaQyoIsMPE9FGO851VYjH9uhYxPXaST0yz3FAjPomZEOT8mlQvDOlibaXPDyEH3rgaXBgrBPtc0CTUEaaik7eb1OqLdf7UtkVCvXjyjkGyMzKYRgXQKuy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f7fe0bbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 3FEB 84 KB
84 KB 42ms
38ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2538398
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzp88jH%2BHr%2BD%2F%2F1QnmSKbGDQyWOAsQKcgfMehz5cswGuE2n5OoJL%2BMF%2FhcejgmrbNDJ2pPkAGzPMSBedtJHhy5CHvruZ2jF%2FSiyDLQ5q1AiVzyEyTsoHbylaK0svXUxLkjNXoGLSriOhTodY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f7fe2bbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 3FEB 16 KB
16 KB 40ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2578933
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yL0gg9Ov4M1IJJZ%2FOKFj5%2BCcS9aNU%2BjEV4Ssgt4r3is8%2FOUVK3AVmJ%2FPkPpdRKvzLaXb2C1P7zbxSuPHbUwHMb7ukO4Jd4RRE19b0SbVRT7kTBGgjsZp781cjxdFlZq41dvV3a76vUUxp95T"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f8fecbbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 3FEB 222 KB
222 KB 42ms
39ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577887
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jScWQ9xhWFhsT3Bo0FJZJvo5tvriuKczukuI6NpCFmZDD%2BH1nUZIjhr2grDDGGAvOVZtT6FXCVwFCWvdJgTgolPJYpVfm8%2Fvrs%2B36EK%2BZq%2BspAVycDoLTDr%2FJ5WYMnGplCk%2FI6SY%2BaG2iOF7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f8fedbbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

ztpv.php
www.conrad.de/ Frame 3FEB
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.zenaps.com/cshow.php?pvr=bbecca41-3a91-11ed-945d-2266f18be32e&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
https://www.conrad.de/ztpv.php?awc=11354_412871_1663863311_bbecca41-3a91-11ed-945d-2266f18be32e&insert=AW&&gdpr=0&gdpr_consent=

0
773 B

68ms
40ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1663863311_bbecca41-3a91-11ed-945d-2266f18be32e&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:12 GMT
via: 1.1 varnish (Varnish/6.6)
cf-cache-status: DYNAMIC
age: 0
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=VWdC9YtzmXAgmiJJEnT6KNaE87ErRD22SrtB78unBkc-1663863312-0-AVcF52sLLY_uwXjcCs6GDKdQDPS4kR50decqf1cIxx2rwDu_yt174o8DONQ0sJ6DMBEudkIK-gjVP9I1dBDIXZk; report-to cf-csp-endpoint
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
server-timing: intid;desc=f321cfa080cc835c
content-encoding: br
x-varnish: 818421394
server: cloudflare
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=VWdC9YtzmXAgmiJJEnT6KNaE87ErRD22SrtB78unBkc-1663863312-0-AVcF52sLLY_uwXjcCs6GDKdQDPS4kR50decqf1cIxx2rwDu_yt174o8DONQ0sJ6DMBEudkIK-gjVP9I1dBDIXZk"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 74ec568429d1694f-FRA
expires: -1

Redirect headers

Date: Thu, 22 Sep 2022 16:15:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1663863311_bbecca41-3a91-11ed-945d-2266f18be32e&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 4DAD 85 KB
11 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871075
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec567f4dc89bb0-FRA
cf-bgj: minify

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 4DAD 8 KB
8 KB 54ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577413
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIbPvr0SuX1ZI6SBaWh%2Bu%2FtTW3cxUP4FOR3Ow5Zvz14nOjylpS0bwbM6%2B%2FQEOwP%2BNeV%2BxHZ%2BtAd0ER0iSxS7ZtzoCvu%2F61FIbieMOt8pF7zFh6amiivPN3He6UY%2FF7gTOdX7yjvgLLPJUHqG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f7fd2bbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 4DAD 30 KB
30 KB 40ms
37ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2578053
cf-polished: qual=85, origFmt=jpeg, origSize=81547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQd0PDc4%2Balq7CLALnoSLp2bSWADhQWnGNr%2BQQwXQYCeqotmPb3FJSOmjWW1p%2BaFP7yiDG9bUaYeK1ssJgk7QYMZzF5aSWw89JPTzZT%2FBUsuxEEJOi2H5q3Uf2phsRg8nbiv6S3mUBMGu%2Bhz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f8ff0bbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 4DAD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNnvg-3lqPoCFbic_QcdFwoH4w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bbf9c290-3a91-11ed-8c43-2239a2f90a87

0
518 B

499ms
12ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bbf9c290-3a91-11ed-8c43-2239a2f90a87
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 16:15:11 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Thu, 22 Sep 2022 16:15:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bbf9c290-3a91-11ed-8c43-2239a2f90a87
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 4DAD 38 KB
38 KB 41ms
38ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2581247
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TYwoT1YunA1XLqRKgV6RgC2ppqMauz1VdDdVrfqVeUjAZtymifRwLiOZkD7LMqfxNE%2FZcl9o9gBT51N6SZovbTEht6jrW%2FmXp7lOjWur4YVnTwUnvUEBfblOfZfaBVkD90kpeF5GS8hkxE1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f8ff4bbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 4DAD 84 KB
84 KB 40ms
37ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2538398
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRpwkG%2BldvDntGp8i7Zz1NnNFNkc6o5DUFV7f2KIhUAvBIxElbGG4VJczwzSpjSlYflxWxh2m0lnpoi5rXEkKh38Piv%2BmFpsm6QOCOrpoq5GLssArW32XmfQn0m81gXlwE2Xeb%2BP4AO%2FjGPA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f8ff8bbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 4DAD 16 KB
16 KB 41ms
38ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2578933
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NCsO%2Bn8DNlZC3VfWAL4kKUk6MW%2B5RBWqL1Dvho9Fy2sPRy2m7nHaysUzQF1FMvBfkBZhyFa6wgSa%2FYn9BDHBn7NlmwWRh5YdX43NIn%2BkcuC3SplqvMAq66GcrGzagtp6jBA97Gb%2FcYHG68R"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f8803bbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 4DAD 222 KB
222 KB 42ms
39ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577887
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=galXlMOvNh9t00hoZZ4FjeEA5RbLqGrNGuxpReg5qtwah75o3C4%2BUQbvc4x52tj04XoE2kY%2BujOe96NgvegDYTsbWkgENytSDLMb2lAvRHDEJNB321NUMf%2BTAJY9k%2Bv4wKHfGqdSYoMNkf0w"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567f8805bbcd-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

ztpv.php
www.conrad.de/ Frame 4DAD
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.zenaps.com/cshow.php?pvr=bbfc3390-3a91-11ed-945d-2266f18be32e&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
https://www.conrad.de/ztpv.php?awc=11354_412871_1663863311_bbfc3390-3a91-11ed-945d-2266f18be32e&insert=AW&&gdpr=0&gdpr_consent=

0
652 B

72ms
36ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1663863311_bbfc3390-3a91-11ed-945d-2266f18be32e&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:12 GMT
via: 1.1 varnish (Varnish/6.6)
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
strict-transport-security: max-age=15552000
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type: text/html; charset=UTF-8
content-encoding: br
cache-control: no-cache
x-varnish: 818116932
server-timing: intid;desc=a5ad969acd9614ec
cf-ray: 74ec568429d0694f-FRA
expires: -1

Redirect headers

Date: Thu, 22 Sep 2022 16:15:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1663863311_bbfc3390-3a91-11ed-945d-2266f18be32e&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAB1
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBu5XcCh06pTKP2dFo0luXc&google_cver=1&google_push=AZmPxg_jqB818wLsFjcMkBsavZWZj2Z3TTJfrB-h5C6kNi75PKdlIal12b...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_jqB818wLsFjcMkBsavZWZj2Z3TTJfrB-h5C6kNi75PKdlIal12bzysZO1OLxSfKTdbAI21l-0V87-beJfrA998UgoCAqD&google_hm=he2TnCE9fC4_...

170 B
188 B

53ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_jqB818wLsFjcMkBsavZWZj2Z3TTJfrB-h5C6kNi75PKdlIal12bzysZO1OLxSfKTdbAI21l-0V87-beJfrA998UgoCAqD&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_jqB818wLsFjcMkBsavZWZj2Z3TTJfrB-h5C6kNi75PKdlIal12bzysZO1OLxSfKTdbAI21l-0V87-beJfrA998UgoCAqD&google_hm=he2TnCE9fC4_Hy5y3Tqvmw
pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 451 466606.gif
id.rlcdn.com/ Frame FAB1 0
9 B 116ms
44ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9AdpAWM62gvQdsm5YSSpe3u-qEzZDdlTGUX98yv-qWqk_gjiyS2FPn4kTQXcjtyLCDRSv-NaZsgJzhIqazBznkpEWLkGCS&google_gid=CAESEJOFoQdkJWnA9HaLRP0hqP8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAB1
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-StSNG...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDA0OTg3NjA2MzQwMw%3D%3D&google_push=AZmPxg-StSNGMCc0zsg5ozTOCtbqsJGOZUGFFU8mAd-6rw389V9sZKA2fpyiCRihaAv0if...

170 B
188 B

49ms
49ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDA0OTg3NjA2MzQwMw%3D%3D&google_push=AZmPxg-StSNGMCc0zsg5ozTOCtbqsJGOZUGFFU8mAd-6rw389V9sZKA2fpyiCRihaAv0ifjMTC7YPloMWa5S0CGri5UugCEz7Izk

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNjE1MTEwMDA0OTg3NjA2MzQwMw%3D%3D&google_push=AZmPxg-StSNGMCc0zsg5ozTOCtbqsJGOZUGFFU8mAd-6rw389V9sZKA2fpyiCRihaAv0ifjMTC7YPloMWa5S0CGri5UugCEz7Izk
pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 22 Sep 2022 16:15:11 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame FAB1 43 B
64 B 45ms
40ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFI6E9vKCfWlhZiD_s-fV9A&google_cver=1&google_push=AZmPxg-rfsJGJI3I4BoMms6U3AcY0EBxDRStNbkEwIRZk69eFg3zWp9P6uaWvSOWpqCW7DWyHB-4Lt7LXiQiLQIy9nk6SxSBm29S
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: qrd2daeq09ki57c9qatdqo8v17pvm24t

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame FAB1 0
41 B 20ms
15ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIYGvJjQm2aZakGI5FOfe6w&google_cver=1&google_push=AZmPxg-Ohd9oUT1MItE5ndO7Nj3lLBBcvQstsP9viYz73ChwdhD5oCRBJsZ-I6NdGv96lS5nRcr2MPBrs_v7j8_-w4rX5VZLJhuh
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAB1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPWv-McE6LJGWi76lH2wJlU&google_cver=1&google_push=AZmPxg9o4rz8xPvmZj9jDAy5w6_951KWm03iLKRT1Tc0NOEaY8hDtu50uNJ_iU9j6UhsHjab0yi...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3TDYtRS1GQlE5&google_push=AZmPxg9o4rz8xPvmZj9jDAy5w6_951KWm03iLKRT1Tc0NOEaY8hDtu50uNJ_iU9j6UhsHjab0yiMxT2JicipKEjx2HzgHTQ0JuXv

170 B
188 B

51ms
50ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3TDYtRS1GQlE5&google_push=AZmPxg9o4rz8xPvmZj9jDAy5w6_951KWm03iLKRT1Tc0NOEaY8hDtu50uNJ_iU9j6UhsHjab0yiMxT2JicipKEjx2HzgHTQ0JuXv

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3TDYtRS1GQlE5&google_push=AZmPxg9o4rz8xPvmZj9jDAy5w6_951KWm03iLKRT1Tc0NOEaY8hDtu50uNJ_iU9j6UhsHjab0yiMxT2JicipKEjx2HzgHTQ0JuXv
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FAB1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg8HnF3PvFE5yJMy2dzqVKkQrwsdB0RA9...

170 B
188 B

52ms
51ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg8HnF3PvFE5yJMy2dzqVKkQrwsdB0RA9q65HE32nWMTkbcIMrjlvbHZsmpPi5wdUiqEmk271NsDrKVp2N7g72ty4VsXTpo

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6lcmkG0uQV2sGcbPrwofbBratcW3WUi9IMpG0z9N4bpIGZSd18zJd2tHByWQ3MaMtsQ3i0shUnyS743%2BvVQcjyXrQgdr%2BTJchSKNGPT3mG%2Bid8GotskUG98%2Fp9LZfGIftI7%2FO8OUBV97g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg8HnF3PvFE5yJMy2dzqVKkQrwsdB0RA9q65HE32nWMTkbcIMrjlvbHZsmpPi5wdUiqEmk271NsDrKVp2N7g72ty4VsXTpo
cache-control: no-cache
cf-ray: 74ec567f7d729b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FAB1 0
12 B 53ms
49ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ig25rbdxmc4z_j1mqrVuNWbqQorPApJ4-HXkW0JhQN2lokiMJtcFU_PCz3mZsZtBRRB8O-

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB9C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

84ms
78ms

Document
text/html

2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 16:15:11 GMT
expires: Thu, 22 Sep 2022 16:15:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 58D5 36 KB
16 KB 52ms
51ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 19:18:14 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 9B98 85 KB
11 KB 22ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871075
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec567fbe969bb0-FRA
cf-bgj: minify

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 9B98 2 KB
3 KB 29ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576595
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7LqMGh2DwS5BBIFQYRvz2D3whZfoxbFSMDWSvxToxBm2vLY7bOrraoS4gAvy9kpUEvEH2XSB4%2BUIyPylsqdlm0OAdxc%2Fbf0oXm5p5nbzv9v%2B2EiGZ4Jcy3PXQ58Rg58YGQxCyQwpfYKxe3B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567fbe999bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 9B98 339 KB
340 KB 65ms
59ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571214
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbP82pk%2BlXAg%2BhPdlzUPuPoj9ofkFaDOA9dnvlKs7LbSLHKXqcDVaNAnx7SuepDFjimwlnB1YPhm7YW%2BS7C767HyOrF4M8aOoXP22EHhwp%2B5oefZTFjnBM8do5Lrnor6eG9V41StCWdWC3ty"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567fff0b9bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9B98 43 B
704 B 272ms
80ms Image
image/gif 92.123.17.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidr2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhdoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-17-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 16:15:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
assets.ad4m.at/logo/ Frame 9B98 9 KB
10 KB 50ms
43ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2578454
cf-polished: qual=85, origFmt=jpeg, origSize=27926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9624
last-modified: Fri, 04 Dec 2020 11:16:28 GMT
server: cloudflare
etag: "47002e1929641ef35481b6bce27c6dda"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qFq%2FPhJkRpv7xz8gL3hoEWUbTrb1BidQ%2BKhqP9sEKijmtS71cDQQl5ghToMRvx%2Bz6n1QMO75P9uJRnftVfi6cLphfAMBmelf%2B6MGJ6%2BrWcdNGL2mB2yp%2BI5VmhhQSnMdn%2F0tWFlOk2KRP0G"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567fff0f9bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
assets.ad4m.at/product_image/ Frame 9B98 283 KB
284 KB 44ms
37ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2573190
cf-polished: origFmt=png, origSize=446787
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 289896
last-modified: Fri, 04 Dec 2020 12:36:47 GMT
server: cloudflare
etag: "f23fb93575be392d52c9c297c7323368"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gYSKiQOuelmEHIiVwjkmBNnSKAbcVIeB5A0IOhTRtFy9i7IbfNfpQTCXwoqFQBAouTsAXaCcBFPDkdX%2BY%2BEXtBa9z7JDj0vOCNM2ZFfirZL%2FakEofGzq3I6Jwe19T9rY7HIezud9OwobvmV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567fff119bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 9B98 18 KB
19 KB 33ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1204539
cf-polished: origFmt=png, origSize=35453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3HMdmmiRGv4lkvi9XhK9n02k%2Fc3ba1IZ8GrHGp2vPWdmGCL%2F%2F4VfqIQsduYbdHclD8qPh2wqScIat9PFzM5ZMXlHIqm1tk3fplLaIEGk%2BRPTCltFu0aUvWz5uIxRTs79POH%2FI4E7uKUYOv5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567fff129bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 9B98 9 KB
10 KB 39ms
33ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1804798
cf-polished: qual=85, origFmt=jpeg, origSize=83479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH%2Fp%2F6LM%2BgKgAZS3oMDb2o831SjgeKLEbdr6zW73%2BAHoqEC0x5ofFLQnHt3luOqvnsUrb8CP%2FAYT6hyWqwBVex4lIF%2BvSARJwy4DzefYgZADgCY1d1t209tITTXub1tiWKNQvTG%2FYKLF5ft2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec567fff139bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9B98 43 B
704 B 286ms
95ms Image
image/gif 92.123.17.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-17-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 16:15:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 3FEB 2 KB
2 KB 161ms
72ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kef7fsbfc3vmrerfqq3kjaefej2pdj3syxmpypx39qfebtrqewyzz5trsaqwks0khzp5az3wset6ahptzketde6f9eppr24je9949jtec1dpz8ajyz7k352zjqek9vmw1v7bvm9xqczpqmfp5extfq0r3fav9rp5sfcpdf4d9zms62ycpa76fsfetvt4z6w20hpk9sqr8xwpmqeahbb62k0h9v6xg7shae7aqmq5a8kjz2d3jy8n71ewdvp59262g9g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=&g=3154fa04860da739017c7ddf52715584%2F14494824074150942501&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863310983&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ba5692e47aa9696b1e6c3b470e2a3f87a963028091d60eca9b5a2bfd652f5371

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
last-modified: Thu, 22 Sep 2022 16:15:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 22 Sep 2022 16:16:11 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4DAD 2 KB
2 KB 156ms
68ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gqs3tzjpr0htngy8mckq8jm3vxndhn65cc2rjwdqm1mwqyq6bgjtc73kf01xs39n3ajedt6hx65xc4yyyf84d8nm2c5ptjg4ehkkk8k44nycpzaprf6v63qanf3tghg46ecmzm8cezrt0e3v1d45385kxsj0y7agnhk044r1vyd34rnyhr2exna4dszedzsbg8pcw39napt31ktcx1yt1dkhhqfdvcmc6x9p7b74nqgn0b0qv1eh5kszrb4scs534%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f4f7728e999f7f8fcf32d4974fe1c1f53c906f7af3d1467f8e8492fe20b0f58e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
last-modified: Thu, 22 Sep 2022 16:15:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 22 Sep 2022 16:16:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31A5
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBu5XcCh06pTKP2dFo0luXc&google_cver=1&google_push=AZmPxg-fvfTNkiPACa3HPhkzvMmOs_5pjn_SxAn3G5_zuIW9746_se3e0s...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-fvfTNkiPACa3HPhkzvMmOs_5pjn_SxAn3G5_zuIW9746_se3e0s2v1EZiZ9cohtHqJx3S9gCHkfKRohzvWso0d3hLlSiF&google_hm=he2TnCE9fC4_...

170 B
188 B

67ms
64ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-fvfTNkiPACa3HPhkzvMmOs_5pjn_SxAn3G5_zuIW9746_se3e0s2v1EZiZ9cohtHqJx3S9gCHkfKRohzvWso0d3hLlSiF&google_hm=he2TnCE9fC4_Hy5y3Tqvmw

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-fvfTNkiPACa3HPhkzvMmOs_5pjn_SxAn3G5_zuIW9746_se3e0s2v1EZiZ9cohtHqJx3S9gCHkfKRohzvWso0d3hLlSiF&google_hm=he2TnCE9fC4_Hy5y3Tqvmw
pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 451 466606.gif
id.rlcdn.com/ Frame 31A5 0
9 B 60ms
48ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_OdScYuLiiBgyG_DKL1lv1-iJBOqI5_ykCLE02wG6xOWAaeTmYee_GlvRGSFF87BjW4d6sTyHZJl-svrBzX654-6RgHu6T&google_gid=CAESEJOFoQdkJWnA9HaLRP0hqP8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 31A5 43 B
61 B 26ms
24ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFkPmxhPWFV_ZkbrJHXjSvE&google_push=AZmPxg9Sj1C3jQakW2ltRxoowKDcx2fjjRyxewmDU4TUCORYCufOjqlDHqTOCOpRsW4DTTJMS7QZWJka9hpF_Y7bh_8e7DX1nWxz&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 31A5 0
41 B 16ms
15ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIYGvJjQm2aZakGI5FOfe6w&google_cver=1&google_push=AZmPxg_moRnHq3QxhHRCHpmgAYSXMTygoD8bbiy4HxvY9DFCylGbU-FbYpdsCWIBsC2-Q4kDbirQnC2n7isVTa15olZaadAF2Tik
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31A5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPWv-McE6LJGWi76lH2wJlU&google_cver=1&google_push=AZmPxg_w6ZeYz9kPv8YLjOvT8thAl1TlmC_QnqQWDi8Vqdt4PJgZr40KXA-oFzNki-laFbtMyes...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3TVItTS1MMlNS&google_push=AZmPxg_w6ZeYz9kPv8YLjOvT8thAl1TlmC_QnqQWDi8Vqdt4PJgZr40KXA-oFzNki-laFbtMyes_JbSiB-PxMb2H6hrwBBtUn7Do

170 B
188 B

66ms
63ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3TVItTS1MMlNS&google_push=AZmPxg_w6ZeYz9kPv8YLjOvT8thAl1TlmC_QnqQWDi8Vqdt4PJgZr40KXA-oFzNki-laFbtMyes_JbSiB-PxMb2H6hrwBBtUn7Do

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEOTk3TVItTS1MMlNS&google_push=AZmPxg_w6ZeYz9kPv8YLjOvT8thAl1TlmC_QnqQWDi8Vqdt4PJgZr40KXA-oFzNki-laFbtMyes_JbSiB-PxMb2H6hrwBBtUn7Do
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31A5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-wvfKWuzjAoPXhs-IA8twkyeXcRsYIa...

170 B
188 B

72ms
63ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-wvfKWuzjAoPXhs-IA8twkyeXcRsYIa7dTt_fp9daEYvfGdnoXd85YqKMNG_HD2arxtmEtIKFJXqvCJ52UctR-SYj6QN6S

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnRQFMnnrzPyUdsuE0i5RXTv7%2B0%2BEdMy9uZEf7%2FGYmBZbqxjsr5%2BMDC82G50S9kv8UN9TeFTlL0NsjJW%2BXi9wm6fqwRGmGfhz6PvFhrq5C4W%2BnGgQyEiymILYnpYFAS0uM0HIq9Zx9NB4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHPH7ZO1ZI8GVCIc62wftTw&google_hm=YyyKDpjq3SH2WD84L9GHAgAAFDwAAAAB&google_nid=index&google_push=AZmPxg-wvfKWuzjAoPXhs-IA8twkyeXcRsYIa7dTt_fp9daEYvfGdnoXd85YqKMNG_HD2arxtmEtIKFJXqvCJ52UctR-SYj6QN6S
cache-control: no-cache
cf-ray: 74ec567fce279b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 31A5 43 B
296 B 51ms
22ms Image
image/gif 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEK7_JoxBoMcujqXsfFlnHrA&google_cver=1&google_push=AZmPxg84roXj2PBxrDh_XyCI446kT-OK4Jy1iZ-P9gwFXvKma12pSipAS8TFpQbIiAlQ_B51xjrEWsftjVLBgaote2V-fqA0AntH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 31A5 0
12 B 49ms
48ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRmDd_QDUqzolbEAOqNDnyym90hLbhKnCw3KnmDN2Rr01asMSdb6_wsymt5xyH8kzQWvZd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame CF93 2 KB
2 KB 50ms
50ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af34ef4446fd98e2bebb8c69e7ca9cf35ecd4f00df69c6d931bf3f47e3519a9f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 74ec56803cff9b83-FRA
date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpYdRB6iVe8chRngC3qAAdExAk4tdQdpoWzsFAKzkyKJX6g7%2FdqaN1a33Os1uCjYL33nu48wXQ12oUSddBWqzgjYENf4AnFMbAFgrVtqgWDqKetBc6ycY9tte7LuFkbyPx%2FgXRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2p34

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B9E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

93ms
81ms

Document
text/html

2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:11 GMT
expires: Thu, 22 Sep 2022 16:15:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 16:15:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 36ms
36ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74ec567ffc739b83-FRA
content-length: 24
content-type: text/plain
date: Thu, 22 Sep 2022 16:15:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeYO7X9HAJFv0QhWSjxr2qKy0DqV7%2BVDMvfPijJ6w4e8riYdkjPyvfcKpkaLnOvT9IkUpXChHV9OR9cgF60t6DzQunmAxaZtn5aN5QUnXGjufPGPy5A9xaHfyhRZrF4vQc%2BPUZY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E88 36 KB
16 KB 54ms
51ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 19:18:14 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9B98 2 KB
2 KB 162ms
134ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3354045&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4xetz1vaas2cehvssg4hs619e9pbawf50rhvmyt12kj7ezn1r0gpdwbqc1t3zpse9cr3dr107c8pw3t276b0vqbbm0war9c4m40p0qm7se7eps3qpnkc1yqn72rt5gax4pxnpfcmkfxkw7gsss79t6gk6qg76pnf7h4z9kce6h7a6mxg3x0fjncnx5qzac5x2rd92dbk1s6ejjffpsm3kww5cbnrrvvqnnxq9aazxqvzw4eh1cq5907h631fg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFeoneid__dc_reach_suite02wkz&viewref=oneidwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: a2f02d8e9279992c13b519d117a1cf097c276d1fc959ff1bc5ebdd5362655fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
last-modified: Thu, 22 Sep 2022 16:15:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 22 Sep 2022 16:16:11 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 9889 2 KB
2 KB 49ms
38ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8f1cd84c57ffc81f8865b1ebba353154e383b75192cd0beac7d63b1773f9bba

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 74ec56808d9f9b83-FRA
date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZREwoSCytoCPo%2Bq0AB3BwY8aElpUZFrDlKYPSo5HeoonurA087J%2FpS1DlJKzhJEqzLmdx6AWh%2FuUdqdzbpx49c%2FX9IqmT%2Fv05280D%2F%2FuFQFj%2FIr9wCkblsEiVttkdUaeC9GAuGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2p34

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 45ms
40ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74ec56802cd99b83-FRA
content-length: 24
content-type: text/plain
date: Thu, 22 Sep 2022 16:15:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYXHbdaw637uf354R4iHsaeaF1X5K7xWlkMimWcCF1J%2B98ZNVbVKldpWLm%2FqSI00so2V%2FxpN6oZ1AJtVOB6tspb0sZHsIbjpCPXh7lAbqGtt98IT%2FIo3QUdu7Pf6NhLCZfSI1Ok%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame F412 11 KB
5 KB 36ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7ab7338f30670957aaf471ca493ac902b9a9aaf12f1bcbac1cbc924c8dc29d0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kjtg790vfj0tv3860ntyzxsmzjfqsvf2pft7f6wf0jxqnpymscwh958hp37kxdektj3ecn3t7pndbg6tmc3z048xyms8xhmqjmdncwpmcd6agcwb41djnstpjk225stkw03pdfq9mass3ct81dk436b0qnsd2v5kwea1vd9hd2q7wb6pqhzyr9jjhbq1vkv7kx45r4bj84vx7c7f3tktvs289ryfysk4w3wp467ek9zem5vt4tc8yje9tskn1t576ckz5afpq14yjmeym2vttxw1rz78n0jk6hcf9nyrmf4rnzd3g27zr27zgrvkqrqhk6c3vpr0cyffj5qdy72ffmbskkdzvhtzav1zcxy56pbb1bg8kzzh0f61hswpymkb1jp7fan7ps8v0d7t3g88a7ysyya2444&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%26client%3Dca-pub-1276641434651360%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec5680a8609bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H3 200 rs Show response
ad4m.at/ Frame 0ADC 2 KB
2 KB 56ms
56ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fa7cd53bc66417a6b1e19e3ef3e6430aa5773d7ceb5ee5b175b93abeb467ba9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 74ec5680eed59b83-FRA
date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XULrwzpqq4QbXrTOF0qfWTpX%2FfzkY0PVFXeJQ30mWOufI7%2FKjqIIqnSe8K0d3zNczYC8R5lfHO2qYrDUtqUMjnmWHwvAxgyGen5kRH7oQv3ytvldq1WQgg1N5aAZePOktXCiEG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2p34

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 34ms
34ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74ec5680be369b83-FRA
content-length: 24
content-type: text/plain
date: Thu, 22 Sep 2022 16:15:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwSfT8yNVdVuS7QChKYFhXFqucd9lR1oXvpUc8YVcHb6PKo7JZTqwpJTptAbjsyF15zjQdRiPi%2FYEbBh%2B6%2BZTy0Pte%2F%2FFwDhVV3PyA52IB7KqzheTTrR5RpSaTzrHTEN4UklXiM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame DAD7 13 KB
5 KB 25ms
24ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be8dc547b91f0491ca3e19f9a41cc19ee6872ce0672b47df47b6f2163a105260

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g5jfej2kvdnxfg0mzfadv1c713wq36ds2mcjq7ygspkkhfmfmjma49pze6haxrx366gpye7gh0te5ymbqvrgz73by0zft3bxdv4wm54v3gynsbxwwbj71xhsg9jbwhhgxkxwmjha7b5scywwtw2cwvqx43sgj2eqc7ev01w4anzc5tzsdtr6191p1e8rfvqqfrejte0f15f3msa498x103p832x2p8qkj5v6bpct00vjznaf0xhf5axg0552gpkx6w6rq0j4ns448f5g5x2hvb2fmywh2vr8rgbc73r3henpqbjd04edan33d64mp4225xh836b4z7x96v5zqgw5fe2jg991p5e5h3zm1xv9bg2ykky374aeyp2s1a9r6hyhh1b778ct0dy9ydqkpg8p3pf00a2rkkz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%26client%3Dca-pub-1276641434651360%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec5681192d9bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame F412 85 KB
11 KB 31ms
30ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871075
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec568129609bb0-FRA
cf-bgj: minify

GET
H3 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame F412 127 KB
128 KB 23ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571899
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu1b7Uq1YpW0Fna3JriFWeZsVNzmLg5HRgI3EADtfmuee7mBTMVa8vxddFbBeolBZSWkCuXCMX%2BoALryH6osVoIQMNU2LTN0HvA6KFKOsXhYZSfVXUbUUXgSRlKs6ncsAaoebJG728cLaUwT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec568129629bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame F412 461 KB
461 KB 33ms
32ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2579277
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0Rryd8k%2BKz4RpF5q%2FseqDGU9fvsZK7kayZITrUogFohmjf9t%2FPdpiRKoEHJS3hAMJP5pUZBr6xEBoIdQGM4lnIM4zSnCnETH7%2B6OkG9B46ajFG6Tr1AQrl1trQ6Npji8C2%2FQ0i8sAvDpNeW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec5681499d9bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame F412 53 KB
54 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2579281
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEPXVOHqGxUc3rbsP7an7tlmS%2BJv%2BD2jxYOsEK4PeR1FtRg8uz7lOHAirwnChveCDPXrRmxEmoHJmca4GEZQHAIiClzh27s7hzd3DX0Z62Slb4u7Y9Xxntpk50SD5uMs9g9ZRY4Dyrf3D%2Fsz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec568149a09bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame F412 15 KB
15 KB 21ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571801
cf-polished: qual=85, origFmt=jpeg, origSize=29501
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15016
last-modified: Mon, 06 Apr 2020 13:24:35 GMT
server: cloudflare
etag: "2ea521e9d32f25981bf850882042e821"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2F0%2FAo9XiUXpY3HBJuiCuQryQt0AEubvZqRSHiCRQfhh7H%2BkTFW%2FzQn1bzIXvlUlNwkIVgUnfgjZ3gJ1%2BUKB458aK0fn%2B2Y2%2F0ex%2FjgiULzQVjLYLLrMDTp%2FDVQsxSqsHUd72ciZvH5v9c3S"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec568149a39bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame F412
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIu-kO3lqPoCFTTLuwgdd-MK0g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022092218151176705956409X117679V1226132702MSviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach...

49 B
1 KB

127ms
25ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022092218151176705956409X117679V1226132702MSviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&cons=0&spid=2022092218151176705956409X117679V1226132702MSviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 16:15:11 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022092218151176705956409X117679V1226132702MSviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&cons=0&spid=2022092218151176705956409X117679V1226132702MSviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&wfid=117679&partnerid=12218
date: Thu, 22 Sep 2022 16:15:11 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame F412 9 KB
10 KB 30ms
29ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571198
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZyE7XUpJtFNc2sUp%2BBQC1GNKR9Oe5rhHJ8WrcxpMp5ucPt2UJ65ZZab6ooptRiFgMgeML7ugqT5%2BDVbefdYVX8OYzV3G3vsEhF164cIxCjBuA4vdMI7fGMKvgHVfKQ1EOlzoiLMyq6TEOvh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec568149a59bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 E9D375C72282EE56D8DA5AD27266D69B7BFE40E40C948577C3783C3219F98DD01F9931DC8CCF9B67D3492B05912CD4E83AC0FF6D46D2312F3BB13A1DCC095909
assets.ad4m.at/product_image/ Frame F412 17 KB
18 KB 24ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9D375C72282EE56D8DA5AD27266D69B7BFE40E40C948577C3783C3219F98DD01F9931DC8CCF9B67D3492B05912CD4E83AC0FF6D46D2312F3BB13A1DCC095909
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52afbdc9b50ea83386ec3f01d5b7f960c612515f6904541b370334f8d9676c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576722
cf-polished: qual=85, origFmt=jpeg, origSize=63020
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17696
last-modified: Tue, 07 Jun 2022 13:12:55 GMT
server: cloudflare
etag: "d0374826c2da26747cdba3111108f584"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjbFGArJVPoDpC2Ukt7Z20uaJKg4PIoDkGwCA42yIohPHu5x9iI0Tg09Zi9u3mAV8jSLKgbRtdIvaU%2BQxDTw4LaOv0o2utNZBZH3XDN50p2eJiz2QnFEdCp6%2BHyF3uJO%2BRo2MM5IPUGMkcyd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec568149a79bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame F412
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CNDAkO3lqPoCFXyd_QcdqA8FkQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022092218151176705956407X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

98ms
27ms

Image
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022092218151176705956407X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 16:15:11 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022092218151176705956407X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Thu, 22 Sep 2022 16:15:11 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 4DAD 85 KB
85 KB 134ms
21ms Script
text/javascript 18.66.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gqs3tzjpr0htngy8mckq8jm3vxndhn65cc2rjwdqm1mwqyq6bgjtc73kf01xs39n3ajedt6hx65xc4yyyf84d8nm2c5ptjg4ehkkk8k44nycpzaprf6v63qanf3tghg46ecmzm8cezrt0e3v1d45385kxsj0y7agnhk044r1vyd34rnyhr2exna4dszedzsbg8pcw39napt31ktcx1yt1dkhhqfdvcmc6x9p7b74nqgn0b0qv1eh5kszrb4scs534%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 03:15:40 GMT
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 46774
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: VIE50-P1
content-length: 86537
x-amz-cf-id: 8Hnb7yuK0z7IzzCkZLnpcVZTT5h9OQS8wsO9B7icKY-TnPHrnsgsvA==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 4DAD 85 KB
85 KB 111ms
26ms Image
image/png 18.66.15.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1663863611&Signature=lt-gYhsmuaaZfAsCeNKOQxjCWgHbOzX9SOIV7CvlSY5RR8ve1FXk2XZYOuD4yLjAFxPMLZsiPAX4SPFjJM6foj63lakK8xXYC3AW2GhGd0apWfF~AaYfYPMiTGZVtXwzWCOkro1z6dvNdwDopjaEs7r1ZpfoiElBmCjmxcW0GW-1JRaIrBS6DbYO3nexMPAW9GHXE7q9b5lbnI0bxqT5YivWaCE0MZxg2twS19A98d53YpQrXRQn2Q1BCvBBKvcHqh0OZFyv1InRqf44mFLrEPIQ9crekGScWh9ZuntgIanOwvT6VbXEn3Qvi0BdJ2SQjZnVkTJOqD4GrHA5pKtrBA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C14019&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=f53bc385ba76b587a9b1ea518d216ed6%2F2103268502690185678&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq8c2cmhqqbpxm1qjekdb316k1rp6e547x9gke81njgn4tsvybjshefdgasq35ajnermq8bfxjdk9d0h9x1cag2tcf5f7r9fb57b3m87sex2fsrbpx5yw4sm9zb40tggzb3twv9nfpeakagvgz6k9j9f8kbasakg4sf53da2kzxr3bc5vqa0nc3xq4847s3kw9wqsc3hephcvcw1g6etbt632tn3gk2axfn18skxswr5e59pk4xfstp1g091xc2tsdgx9rgsymzj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLk-BDYosY_b-H4zu3gOFj7yYCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQJytCsqX4mwPuACAKgDAaoEkwJP0NzPBm30HQzy1Ho9kFRPUhjh2lIQDxjcauTEsDDAmkvTJxe0wHz_B-JJxcP0MNQGyWXEHKWnRSwW3QlK8OyS0y3FMEy4g7kbveaCf4Hrz71go-2ZMPYTqZbRkZLe7kEO51fOnw7pY3105GWkHuwbXuMgeTnLHOcocUwcSI2etyUKgMdSmoqbX2rqXAkk3pMqqn0GSGQcACEteaK1EigxTGs_ramlV2JtZZIsM9Cty5Z3yG4R1D0K_JtJ9Z2ZPlT9Auwj-Zac5X7vF_A5Q0V3oupuRQdUy24owghuvcY_LUtj9-_HkkXzfQ-NZEXqc2I4g90SrMUaVFKXSyQQtT0qS7F90gTYkf9cc1eOc0VjONX66OAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2jJRgiVXjgZri6ziBY-Q12dASoWw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-50.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
age: 43992
etag: "92f323c42d6018008b4cf82e90ac9639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 22 Sep 2022 04:02:00 GMT
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: JV5h6hT1adWMKcz25VU8t9suc2TsC_nlAGsMY8ycMyjBiTMPAaik4A==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3FEB 85 KB
85 KB 164ms
53ms Script
text/javascript 18.66.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kef7fsbfc3vmrerfqq3kjaefej2pdj3syxmpypx39qfebtrqewyzz5trsaqwks0khzp5az3wset6ahptzketde6f9eppr24je9949jtec1dpz8ajyz7k352zjqek9vmw1v7bvm9xqczpqmfp5extfq0r3fav9rp5sfcpdf4d9zms62ycpa76fsfetvt4z6w20hpk9sqr8xwpmqeahbb62k0h9v6xg7shae7aqmq5a8kjz2d3jy8n71ewdvp59262g9g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 03:15:40 GMT
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 46774
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: VIE50-P1
content-length: 86537
x-amz-cf-id: bSFjMb1vm_NvquVRCIVoWNkV24b2vVYDUjvwCFyVXJvQ1AF5LStRAg==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 3FEB 85 KB
85 KB 140ms
56ms Image
image/png 18.66.15.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1663863611&Signature=lt-gYhsmuaaZfAsCeNKOQxjCWgHbOzX9SOIV7CvlSY5RR8ve1FXk2XZYOuD4yLjAFxPMLZsiPAX4SPFjJM6foj63lakK8xXYC3AW2GhGd0apWfF~AaYfYPMiTGZVtXwzWCOkro1z6dvNdwDopjaEs7r1ZpfoiElBmCjmxcW0GW-1JRaIrBS6DbYO3nexMPAW9GHXE7q9b5lbnI0bxqT5YivWaCE0MZxg2twS19A98d53YpQrXRQn2Q1BCvBBKvcHqh0OZFyv1InRqf44mFLrEPIQ9crekGScWh9ZuntgIanOwvT6VbXEn3Qvi0BdJ2SQjZnVkTJOqD4GrHA5pKtrBA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kef7fsbfc3vmrerfqq3kjaefej2pdj3syxmpypx39qfebtrqewyzz5trsaqwks0khzp5az3wset6ahptzketde6f9eppr24je9949jtec1dpz8ajyz7k352zjqek9vmw1v7bvm9xqczpqmfp5extfq0r3fav9rp5sfcpdf4d9zms62ycpa76fsfetvt4z6w20hpk9sqr8xwpmqeahbb62k0h9v6xg7shae7aqmq5a8kjz2d3jy8n71ewdvp59262g9g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kz9qtkvq5t5z66amjqjj4ecm8dfesrdz6fjnckqqnkepcv3gm32w48507fzgreaq1ve2d02y9c4f8p78rxs0wd423vp84ptp043cpwe74hdb0kx5jss1mk8bsqr5edrnk0saht594q5ax68wer6frm2c2e6pv507s6s5ynpv3fnz8g2v8se1966nhh3cb31sy38fwr856te6kzwnzcn1e7ztfgdhxzp6x81s9qqqrscp0sv52ghxvbrqp42mh6wtsmyd1nw3fgkm%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCo8u0DYosY-GGKKeQ78EPp6KvmAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD6oAwGqBOoBT9ARCigLB4Ud3VwMcxQqWZKT9eM4d3gP9FOWz16aOKhPNB0_OhZFkAUkzhHvuUq3at-aOa-le-Ldq3kjK1nzVbj1iNJKHLwtiHltELYT10UcrmlDykeNAXtg5GAO8thcoYYrZJGKvuhooYf__0zkGWxFvpnux3GBoLje9ECqcECZXq9DhKOKJ8PsWBlWOjClD9PWrBU5SGUB2hT5cT8x0fzWeWglAO3ws6qOgTWvptBXW-qho7jIKRjaYurCzPb3ZS7tp1JmxAD2frSUpLG2MOLZTvYHygm12GBB2cCLJ2W-TnhmS3ZJqzeVgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3p4uolVJNVC0aDHq4ngYT2MOQ4sg%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-50.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
age: 43992
etag: "92f323c42d6018008b4cf82e90ac9639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 22 Sep 2022 04:02:00 GMT
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: 8GGRRBXGfrtVd-QfNK-v561NaaS_er5WQILhYodnJkWe_2lI-FvRYA==

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 85B9 42 B
64 B 97ms
96ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvoDWxJpX8FPs6w6AIrH9Jw6LMQJjFiSw9lEBW-nNvKSoVXvxV1mNyhqH4BJZ40UJbRiiWCWWMxvaQ2BEPMYcjsSCTWgIwzlW-8qpUBHI3JW4D7IN2udp7NInvQdoXvHiyiKWb7w&sai=AMfl-YTzF5T9BJbNqKkrYMfedMqCs9aek8B8e2bsQHTnvbOghwQ__jHuoQofi8It-QK8PjCZnDdzJoVySKRwI3jAt525DLJoCE2O4YjBw7j4FzaNurDBuzZH1IxGkcg&sig=Cg0ArKJSzBfKQA2G7BQfEAE&cid=CAASF-Ro6nPqjHaiDWsQBcfnQNH_UUG0Rkun&id=ampim&o=301,763&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=701&tls=1712&g=100&h=100&tt=1712&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame EEB3 11 KB
5 KB 39ms
39ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70e7500e2bf18aa7f7d863d25348ca9033430926ffabae3b558c5ca193606f8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h9dk1w51bkkpw38tv98bb6a8jtk513rfqvq51sbe7s4ewnak40k2h9z4vc5texe79q4nydgb1j45nvm6dq7sqyhxaasq1axrssk0c58g13zdhwfhp9464vhvv16ebv14wkck58tzvkrm4vmj9vaf4rtc5wthnynafck3sfhx8336xf7rtvrh1fdbf3cwccnt73k9t2yzrmscqn0h56vy92mqrg3x8vcrsbqj0b54d9a4vjgxjpwvthvp1s6x9081tb022jrhp2n20h8abjy1r2w8gpg6k13pyny1b0b4dgtvgt4sh0veh4w4477temerkeh9zvzz5mvvrw4pbwee3dhd0dkhenqs7tqcs5gbmatxj0y160rrkn7d3jtymf5y1nrhgk7a4zvwpp0fg1ab7rx8c8fv4a6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%26client%3Dca-pub-1276641434651360%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ec568169d49bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9B98 85 KB
85 KB 164ms
77ms Script
text/javascript 18.66.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3354045&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4xetz1vaas2cehvssg4hs619e9pbawf50rhvmyt12kj7ezn1r0gpdwbqc1t3zpse9cr3dr107c8pw3t276b0vqbbm0war9c4m40p0qm7se7eps3qpnkc1yqn72rt5gax4pxnpfcmkfxkw7gsss79t6gk6qg76pnf7h4z9kce6h7a6mxg3x0fjncnx5qzac5x2rd92dbk1s6ejjffpsm3kww5cbnrrvvqnnxq9aazxqvzw4eh1cq5907h631fg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFeoneid__dc_reach_suite02wkz&viewref=oneidwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 03:15:40 GMT
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 46774
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: VIE50-P1
content-length: 86537
x-amz-cf-id: h7G5FXsRmZFbPNpCQ2L_iBZ7DMM4Ju_G_KSSUyxPkzJBdoUeWTJcgQ==

GET
H2 200 logo_querformat_herzen_300x100.png
cdn.track.production.webgains.team/275055/ Frame 9B98 10 KB
11 KB 122ms
62ms Image
image/png 18.66.15.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/275055/logo_querformat_herzen_300x100.png?Expires=1663863611&Signature=K7JvrhfQ4PXQYlOcmymMdqN5KNi57UEOaj9oaL3sH2XrOQc4sxlDd~B93AOEUrQ3eQ5mZ3oPmmNW3r2p9cQ4vxwnC~JZXocJ9I5IWhm-qz687u3F51pZx5FUyi-6TA-1SfYibggWw--pXUQkW9q0c4Dfae8Mkiu3IHn0-gxac5sxVaEg6venskYRCJukQGFmWVzrTqgJQQmO5nc213SB40Cbx7Lkjez78HO-GVF7pTV95gcRI6AqRYLOCOdJfdA6fUF0DvO701moLXvMoKqjXQYZMwX~R5e8Jf1d4mnrp7JMZ7jHDoE8r-0PbCu7HbPuDFq04N~n4SjXoTHCtZ7bog__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C61651%2C14044&b=r2GcQf9f8qB2CAH7Hjtqt8DYtYS8TKxdhd%2CwA3SdfjfD5b6hEHRH2tXtxVEUzSATDzRT5%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=PxefBfbf4YMAU9HjHbtgCYqGUJS9TPM7Fp%2CgVXF8frfkpAGaPHbH8txCzDPhmSQTm7VFe%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=728&d=90&e=&g=69aa324510f6aa54839a9c7fcf68e131%2F95487472883052983&i=29981%2C24905%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311157&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j9pg95j96tzkbn5j53br27ndfx9a77pht56h2zsve15zv55jqvscxt47h9xmvvcw9fnjkzy6mns1te3320vxbxh7412hm1x8xfsprfzqzprzn20pamg60x77r7grstv0s27jnpw5pkgqk7vhtw6r5e0e680989mhc071jc47cyr1c40as4x09mp3014mqxw9asvq2cb9akbbbx3c851waka72666zkw7jfwqgjfjbj8ww12bnk69f5y9en78h4b2q0m0jt81vg9w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnjuKDYosY-i1H9Gi3gPUyJ_wDpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkwJP0D6CFnPu0-BEOcw3E6RU9jjxixi3W4aGGMhhWe5UJZowSi1stQAeVmQZKx310VPNYx89TQdOnlGnKUTGwvzB_Wbs2C2pLiFEXVkdxYoX3AVEC2dYLUk8cvlL2_LL_YJrxEk7lYuBXIiFkRMIqjq6rnoGmwiilgfjnyGiQMGWNM9MEHM0YTSJShVJS5uQKdNjcaP_RohowQ-dJruu-WtNDCb3XuivPplAh7AwhcLSelKrGU3H8ON0DRGveKk895pgq34ukE_1GqwfXWL4jZm3wJOJhy28O1ZTqD-mgfEWZQFdsqFnI5M29C5tiL3Iz6UjEVBrevtPsJmmSmG0il4HfbRcjxuQdtNq6GNTvboW_2dihOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0qa8hWRsRMYyzO_Dkf2k12ejc1wA%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-50.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:27:54 GMT
server: AmazonS3
age: 76379
etag: "f1ac17cc310d1d58c319caa4cec695b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 21 Sep 2022 19:02:13 GMT
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
content-length: 10517
x-amz-cf-id: kI59DvKizdVt4hf74SNRTiFYydOhfn277bMV0ugnbWtxYwxerEqf5A==

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame DAD7 85 KB
11 KB 38ms
38ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871075
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec568169e19bb0-FRA
cf-bgj: minify

GET
H3 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame DAD7 12 KB
12 KB 40ms
40ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577155
cf-polished: qual=85, origFmt=jpeg, origSize=42488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSH0S3QjYmgCvhoQS6Mk23rqrtg4lKh6c1W5HWk6kqQiHcAFCJtsknblEWo%2Fwl2%2BznpAQyGz9OHxVZc9K6AcOmh8kM4vngpC%2BZEq1ZS1zHTyWyIh4N7kgVokO8s0GNatjnzZO6NNXm2WLeJ%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec568169e59bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
assets.ad4m.at/product_image/ Frame DAD7 42 KB
42 KB 48ms
42ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577896
cf-polished: origFmt=png, origSize=68898
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42816
last-modified: Wed, 09 Feb 2022 14:47:59 GMT
server: cloudflare
etag: "200a6022d5c4fedc3b4df1cba360cac1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bcglc701tpSmRToKFSjxh00SlGxllWEeS2fKkmLVYn5QaQoOxvNDqu5F47bf1xqOtAjLGxNdT7B7MUvdzVPNLK40YABPWraInzX90y8NDgZkDmYZWEGwB2owDJplD4xeT8%2BsYwK2kkcpBpoW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec56817a289bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
assets.ad4m.at/logo/ Frame DAD7 20 KB
21 KB 35ms
29ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0614b9e015b9a646c5bb4099edb68390666b12c572a6b4712681be7d4bb9bfe4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2581308
cf-polished: origFmt=png, origSize=42492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20462
last-modified: Wed, 22 Jan 2020 13:07:53 GMT
server: cloudflare
etag: "2a106de39894112a51fe03662bfea62f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKp0NqJqEOoFc9P3Rey1r6QJA7wrF%2B%2B3vahmMYVqdm7KTxpdFAA4d%2Bg3ABdtT2pS4vQ7naqCboO8bsqBqSx2cEoh2vWhz8Qz6BJMzjXfhpBbAN8VSYUZIVnAXnG4aDr7Dkv3yEp2zYw6Y2FI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec56817a2b9bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
assets.ad4m.at/ Frame DAD7 41 KB
41 KB 46ms
40ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3539d3eee69eebe924850b7e253e0d255b519d795d58cbdc2409faed2a59112

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571069
cf-polished: qual=85, origFmt=jpeg, origSize=136044
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41838
last-modified: Fri, 04 Oct 2019 10:13:18 GMT
server: cloudflare
etag: "aedae787aea52f5d91c7cb4689acd1e6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxQjYIUHt0hj4apyrZ0z1BqZtTW7fpzKj6F%2FjzqBjgs7LkBnJDMedAXZuYA%2FuIJ%2FI8EKD95FLoaGbuEhGQE39WoOioAmyHMA%2BnaQ1kA38NToTDAFP%2BrcnYQEjWVhDd3lFjgjDze%2FYuGgAxxf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec56817a2d9bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame DAD7 43 B
704 B 114ms
80ms Image
image/gif 92.123.17.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2578359&v=11671&q=344795&r=412871&pv=1&pref3=oneid7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuMoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-17-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 16:15:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame DAD7 46 KB
47 KB 32ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2575592
cf-polished: origFmt=png, origSize=74333
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47320
last-modified: Mon, 11 May 2020 10:44:44 GMT
server: cloudflare
etag: "51f3d45cd5a8ea4b88e8dd266a535ea4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugXiqrSA6Hc7EMCRW6eRjdOz%2BBZzaB%2BaYqRjIivGZIgYjmcSqCC3NSk5HKqQBiyi7wR2ZBeqsn2wmzcLD7jE6y9b%2FtKn946N7fWFEGelXd%2BCBhfcFp6WWyaMwc%2BF2W4z6X8z5H58T39RdTys"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec56817a309bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame DAD7 290 KB
290 KB 72ms
66ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571253
cf-polished: origFmt=png, origSize=489686
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 296674
last-modified: Tue, 17 Nov 2020 11:24:27 GMT
server: cloudflare
etag: "e3cf70a0e5e86792e426bcf3dabd6105"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVFFJHvjNljG0%2BdY%2Fc6DXi4y2V%2BOrFupotdOZpXfwBMP72lk%2BWXYE%2BkRRJZR6WFzoCR%2FU3u0PhLq25lmw3lVDGoSUYWe9baXHODnGMw01%2BXfYx5b3p4POPKq45RY4gokx%2Fx%2FQG2ID9Qk9d4%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec56817a339bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 link.html Show response
track.webgains.com/ Frame F412 1 KB
2 KB 57ms
53ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gjt4psx8peqd40b9564jnwksn8xdgnk8vbmrdv6v36vyhkrk64vp1229ec2hc63n30jrvz138z75dcsvhtyjpnf3c0vsdk7d3r9e77pz0p2ybk5j6ehsp0zhezw3yk3wt30f35bs8hahxynzqgr9nj8vvpy5j3pjrmhg1c5py7sx5sfey0xywpszjcn3r7rsqvw6vxv07wcyymj45xyf9qst78w3vvj5n1n29p39mkpq5fwqfb8gxm6ffbav2qskk85g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 23f3d9a38dc9e91081e8a6f9cadca8745fda6255f75e784f3fd1f9c5bee28ea3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
last-modified: Thu, 22 Sep 2022 16:15:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 22 Sep 2022 16:16:11 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame EEB3 85 KB
11 KB 61ms
58ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 871075
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 12 Sep 2022 14:17:16 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 74ec5681bafb9bb0-FRA
cf-bgj: minify

GET
H3 200 0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
assets.ad4m.at/logo/ Frame EEB3 3 KB
3 KB 49ms
46ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e82ac1ec5acf59251e8560b62ba41630b890325a9ecfc16f17418c16ae9871d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577873
cf-polished: origFmt=png, origSize=10674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2900
last-modified: Fri, 24 Jun 2022 09:18:05 GMT
server: cloudflare
etag: "749e968ec8ea7c9ff764f0b5b5a295a0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2eFYOsFJLhgpm48mxAZDcgY2x8d%2BrqNhNQv3V%2FK%2BILotG39z5cGGrIirBjmbtXvBcmhe2QSrPL7L1fKsPrVtxJksEOWX%2FJXOFJUY43WQSE4hrj84RRVR7LADzszCE80jSeJQe5bL5DGULrh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec5681bafc9bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
assets.ad4m.at/ Frame EEB3 168 KB
169 KB 47ms
45ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de09365c5a1290ab8b69797e3d02ef5b995c4bc684706e75ab72a8fe27e1c2ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2579248
cf-polished: origFmt=png, origSize=313263
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171986
last-modified: Wed, 12 Feb 2020 11:15:33 GMT
server: cloudflare
etag: "eb54d83a4df355399ee99b599f8c33d8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtA7i9oj2RQUgITyHcBoIAwuSZZKvTo0shoztw7Fsdcif44Ww9qmm9NRp9p5GuP%2F9PeaBrPyXLnoepS2ke0ISvfZ0IPnsgloTPvqM3yUA4GxYVXj2PzX4CcSmhZLz3jQJxZxCAOw7MVaTekY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec5681cb0f9bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame EEB3 43 B
704 B 92ms
90ms Image
image/gif 92.123.17.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2463630&v=17927&q=371115&r=412871&pv=1&pref3=oneidVx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-17-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 16:15:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame EEB3 8 KB
9 KB 52ms
50ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2279062
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKnkYkLffiqA58ze55bPArHj0can9wwILu5rYpA7XIvQry2rXNOsItaQGn0UXSS%2BoLE5Ramr%2BWs%2F3LL8VR%2BvQmc2wcQW7jrA2txffg45R7GQadM%2BJOVDoS0vOA%2F7N14FJRoRCtjLY78lu5tm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec5681cb139bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame EEB3 43 KB
44 KB 55ms
53ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2580732
cf-polished: qual=85, origFmt=jpeg, origSize=72345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44118
last-modified: Tue, 14 Jun 2022 09:41:24 GMT
server: cloudflare
etag: "ed6f7b3b1b04cd5f78cf354be09c981b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2N37wg6EzsQeB3EvFKmZS276WRmlu%2F6y9kDlhxkIj7i3V3%2ByY%2BM5IvrKS203RD1coK3JBHk04DSJnp3VKZEOlPJBt7WKJ3MWexYKt1g89eCcNlcGfS7Vg3QojOflz3Lsfuv%2F8iXrwRWTBJrZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec5681cb149bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame EEB3
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKOHle3lqPoCFTTDuwgdpH0O5Q;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bc0b9ce1-3a91-11ed-94c6-223782b38f54

0
517 B

383ms
11ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bc0b9ce1-3a91-11ed-94c6-223782b38f54
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 16:15:11 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0

Redirect headers

Date: Thu, 22 Sep 2022 16:15:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663863311_bc0b9ce1-3a91-11ed-94c6-223782b38f54
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame EEB3 38 KB
38 KB 53ms
52ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2580752
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzkaDiRVcwMQIROX6LZfKxRlZqElNXgofmYIZaFEjtXgMHco%2F%2FYj6HoVsdtnQPXwdS%2F4vUph4JEzScxCSti0hFlCeaKHHuf7Pnp4U8GgDd1ioAMSwQYiCkl9R9U%2FtkzVjERdpkgMlaYQtYZK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec5681cb159bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame EEB3 84 KB
84 KB 60ms
59ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1719735
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iou2doUCST8LYoNOoDBeEU0bmSjRoxNoF6eC%2Bg4qChwQJqG5zCcappChoWHrlRGE1bQzks4rJvNIhMQhVBYQ9HxiBNAKTSv2DvayzPhDLf3By%2FcyMTE2U3jkF6nERp7a1waiqAVWz0bp9rIp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Fri, 23 Sep 2022 16:15:11 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 74ec5681cb169bb0-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 link.html Show response
track.webgains.com/ Frame DAD7 2 KB
2 KB 70ms
68ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hde56hg2fgcqjzsg7jsrx3th2n13x4yzjw4hj3papx81b5vq9ths0kcmrkpck2gsja3vxkmjfeh9nnd9qr2n07gqyyfdnkmefdn8z51dsjcv8w5a5ngjpbzzrvwvsc3srv99fmxcskfeg4p0eyyf7rdeqbvy8vp3fqqfmdw41amvnd16n5m1b9ghbr1cshp1k2n3r10m9v3tffczm7detsjenk54bdx3bpmxjwzhtfc2jbd5x6h86v3pp16kjq28d6g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSAoneid__dc_reach_suite02wkz&viewref=oneidjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: d0e0df8d7d8ae1634279fe885ff801b14c45627734765518da9eafd5651c426e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
last-modified: Thu, 22 Sep 2022 16:15:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 22 Sep 2022 16:16:11 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame DAD7 1 KB
2 KB 62ms
62ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=496305&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gpvz4nm275e2xmkyq9jc7deeqxs2jsnj1b8j5xt2v552m5sy14k3pv2nw7z0gjv1bpw1tnqtj5ksyztg80jwt09m649ecah6wstc3k7fmza0rzm7zs99m4971rxrfhsgpme97ah8nhj0mpsm0s6sj0m7jvx8ap46c29h18azks9c1c8fw4kpx5tqnp41d9wdrj6qc24f34rtemfgzx517k2b2j2yqa86sbqzj4t5pb4m76f78rd4kfa8dd4xb93pjk0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneid9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Tdoneid__dc_reach_suite02wkz&viewref=oneidZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJoneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 37e77411b44e1a48419cd77af863dd79188230adb43e0eb120631f28062f2e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
last-modified: Thu, 22 Sep 2022 16:15:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 22 Sep 2022 16:16:11 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8F29 42 B
64 B 88ms
87ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1cfEz-QsTx7bwjsS-7NgkKo5bi4TtoWTbm4CacIGlZOu1Wk0DK5EMlsUVKtHQYu65jw6mJ1zVgM-pK5_uC5bX0uzG-c8X9N__utThDUeqcBzMOObbQu7JMjaJ13Nhv7zjoYuH-g&sai=AMfl-YT1J8_hoAI6QoM3mB8EXpOTE_vlWIlzDD6adJ93VpA35eAwgx7JuF7zzMh87RVCvGM-2vyL-h9KslLa_T0yH6j-e84PO7l9zHQsiL8UYluhRPQogTT7uuSF1u24&sig=Cg0ArKJSzI_fPwP8ICtXEAE&cid=CAASF-Ro-2p-CN1cQb6RGe9Twd49volw7-6F&id=ampim&o=315,219&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=615&tls=1615&g=100&h=100&tt=1615&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.secretchina.com
URL: https://www.secretchina.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 16:15:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F412 85 KB
85 KB 95ms
87ms Script
text/javascript 18.66.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gjt4psx8peqd40b9564jnwksn8xdgnk8vbmrdv6v36vyhkrk64vp1229ec2hc63n30jrvz138z75dcsvhtyjpnf3c0vsdk7d3r9e77pz0p2ybk5j6ehsp0zhezw3yk3wt30f35bs8hahxynzqgr9nj8vvpy5j3pjrmhg1c5py7sx5sfey0xywpszjcn3r7rsqvw6vxv07wcyymj45xyf9qst78w3vvj5n1n29p39mkpq5fwqfb8gxm6ffbav2qskk85g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 03:15:40 GMT
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 46774
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: VIE50-P1
content-length: 86537
x-amz-cf-id: 8K5kMPBE7K8oIFx89q2bHoudtafgkNo2czZtnXy6JBVlpLcduUqMFg==

GET
H2 200 link.html
track.webgains.com/ Frame F412 48 KB
49 KB 78ms
71ms Image
image/gif 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22925%2C195017&b=e7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3%2C2beH6fqfjA7xtVHWHkt8txx5FxS7T7G4fg&f=DjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2C62Zcef3fK8VueHmHYtECWW8aYS1T2qJs7%2C4rehEf5fAQEZcGH9HdtzCmm7abSpTr6XuK&c=728&d=90&e=&g=8eaa81d6dc3b3952bcd66cbf65e3be14%2F13756239879287092410&i=20597%2C20774%2C20773&j=21%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311421&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg0nnn2qhhrmw7dgzfk8xjxk7yqb1ymapf5sp08vtzz5k2fvnyg6spqfnwd33z7s1p9jb2dr05mzm45am4vvvfay6ab8vnhz5vdwb8gkmc2h96ag8ja3hg66tmv9s1192j70fkm1v148zxk389wpdxavf9hgkx05k1hddbpda8yd01y98byr2zyjmwrn1y4harwmff7hz0ex6y7kbk49e4jnyp0xeaa6pcysyxa0zyygwqw8ne1vq2vt1mf11yag1bs5jwwr8bby%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHWK4DYosY_KzL9KprASw-rvABJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkAJP0HuRmZSdj-T_urpqJeAzggjDUDltRPbxmp0Jc1Q-burtz8rc0707FVZ_MAwjwfcI9eT6lNeUnC_9T1wPiUv62fHOIzzxiwsi_9pip_8X78tESeEcKWScWQ3rtcWLLJ31uXl2j8GJ2ynpOs-EPVm17YYW7GFshEafdx4Dlha8kX7ls9kgZjyxnNci2z3Gi8PpViUc5xDfAl_ezbxAii_4NvehnKPgyANViCt2c-j2Fbufc2sRGtREkq_3dkYO-kekEyBhJXz7e0KBi-Lb8uXWzw8Dw5WsfBMZ3esD0TdLWoIGQnmPxZKSxqecLloWFRYLiKKjW4ZHEaLpwfBLIUZV6exdzuVVBMmCGaCtvDTCBOAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rg4TMi1rEWj0fpEc_p4_XmWQMXw%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
last-modified: Thu, 22 Sep 2022 16:15:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 22 Sep 2022 16:16:11 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame EEB3 2 KB
2 KB 97ms
96ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kqcrg3hfrmq06bz0w8h2e2w4e51yhx16mmp3wer13w90kntbsq270rkaf8mdp7wexcb7vc2w4tk9w90g90g557hdwq5c7yp0ev93tfrdb1zmjrh4s66tdxpcegqsm546d48skeyzxrszmv1pdw118j5t5xnjjgabdqm5cgdnxnfnc0v1m36eby76t5dsnhwzd10vswh1qb2b1p2jmencn48mgk2r83qb1fv0bwav33q36x9yf8k51yy02gagtdtkg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19840%2C196439%2C24673&b=Vx7fwfmf7p4TVHbHAtRtDJxaBSzTzQkTQ%2CJBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK&f=m3AsefGfARbfmHZHZtQC6rQtKSwTX8AfA%2CGjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd&c=728&d=90&e=&g=16c2e55e4a9590aea04ea0fb6b0c5928%2F7858400548227888840&i=22610%2C25174%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4d1d586b7d52d92ce26f60bc981fc78e78e7a8244698430bbb476a1ce887bdab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
last-modified: Thu, 22 Sep 2022 16:15:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 22 Sep 2022 16:16:11 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame DAD7 85 KB
85 KB 92ms
91ms Script
text/javascript 18.66.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hde56hg2fgcqjzsg7jsrx3th2n13x4yzjw4hj3papx81b5vq9ths0kcmrkpck2gsja3vxkmjfeh9nnd9qr2n07gqyyfdnkmefdn8z51dsjcv8w5a5ngjpbzzrvwvsc3srv99fmxcskfeg4p0eyyf7rdeqbvy8vp3fqqfmdw41amvnd16n5m1b9ghbr1cshp1k2n3r10m9v3tffczm7detsjenk54bdx3bpmxjwzhtfc2jbd5x6h86v3pp16kjq28d6g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidxEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSAoneid__dc_reach_suite02wkz&viewref=oneidjpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 03:15:40 GMT
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 46774
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: VIE50-P1
content-length: 86537
x-amz-cf-id: g7kbL2nzDwiV41Hnqf5eYeZxkIDIlAHq8z6PE56B8GPuP_yRs5c3zQ==

GET
H2 200 1592578623_bPBVJMhToPkoa1z0pzv2xErGBXVDuFOF.png
cdn.track.production.webgains.team/280795/ Frame DAD7 5 KB
5 KB 18ms
18ms Image
image/png 18.66.15.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/280795/1592578623_bPBVJMhToPkoa1z0pzv2xErGBXVDuFOF.png?Expires=1663863611&Signature=LhZC3jEedDzpeKcXP2QVsNpi6ha-ldPJZaz-yk2RSlDUQ~13J0Pt99EvoGJUurvkdjFJlzyB9vACCQJ7cxLm~sIwqCWCelN94-hLCgJgvWoM9neZRUN3fukyOWS4~Gmf0zh5M5v6CXuRTjnosVs6eZ9JBM5yav0KJ3HW-s8pNTao3rU-BkRkL2WhnukQU2tSvIUwcxGYCc8TX~A4UPNaLNnxAmszh2XC0mjiftLoFH2OrHYRl6R9WRfIFoZI2efibvV9bidlzQdAPzMAHwvohoVOZbmDTuLDG5lWrI4HBTO~-sk4B~HM0jqf3vhi6urmkVneF42XLKTdRJyi-3HHmA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-50.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:35:55 GMT
server: AmazonS3
age: 54517
etag: "53d5935187ccf0f24fb7d8441f56e04d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 22 Sep 2022 01:06:34 GMT
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
content-length: 5257
x-amz-cf-id: -IouNnQPQ1CRGH75n-t-zG4lv4W5_srwGS-TGwD73YGoKvSkAZjIfQ==

GET
H2 200 link.html
track.webgains.com/ Frame DAD7 1 KB
2 KB 66ms
66ms Image
image/gif 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJoneid__dc_reach_suite02wkz&wglinkid=496305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C13833%2C56666&b=jpBHEfGfjp9hYHEH2t6tx1WsZSzTDRGT9%2C7QZTqfzfzeKSrHXHgtAtX71H4S1Tr9ZuM%2CZxJfwfBfJJ8DumHDHDt3tkBjC6SXTx3qaJ&f=xEbfQfAf6gJUPHdHztDC3jqh7S6TqkxSA%2CEjeTDfEfAJktzHAHjt6CQXYuKSVTZAGT7%2C9jeTMfmf11YBaKHBH2tzCG5zS9SmTZY2Td&c=728&d=90&e=&g=c2a8357628d38ee2f46d2d57bceb7cb6%2F15360957782537916248&i=27720%2C17743%2C22427&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663863311464&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jf3mkc71hjdf4nyyrw9b89n2jbf5xdnncxj76fsb6frdb7wkmr2xqfr1sg3tmf9962vag9jpyr6b0d64heajcchw04pxwpqe9mmsx5k47s2dw0kabrhgwnhdedvvhbkwqvp9z7gk85b84srkkwasg4xksth4274mjhwf01g2kmfq818xfjt93q66ckfr2cdbz70c94w8sctp18mwpqfr8wbr6nepts8x3has9f4tgsbm64fyz8rj7pqxhc7p4b403n4qch8mb4et%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3lCADoosY6jpBqXH3gOZ5JWIBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNzY2NDE0MzQ2NTEzNjCgAcKu6N0DyAEJqQIuLRCGYo6wPuACAKgDAaoEkQJP0NoYi9FYHQWhNM3Wn_xvJlS210HholWBIvR6IZzwTBZD1CJLYV0sjWU2tmXdHDgC81NjgYIQrOfE9X1kX23Dc9ylCWviynz8A0W2EK9kN1MKK-xk8U3adznRfS2ver8CB_vc0VaAzwkz6MBI3_zDH7tBMzt0HoZSHdbxILdqQsEdzFWLNiX16enGjHpsz2wLtPagfk3gmlDhwHuDUXyDQCZ3WHmHuyYa7KvULI77BeqECi9gtguOz1PHLj8NNq1KSwNS9wZNfgxytqhm9sA0MByAeAj1fFx4msWXmKX7NuyDcRR7GawymQoK8OjWm-LPF66II7_gZFimXgPFzh8Gh8HpXMMVAuKfA_HP4W93WSbgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XAk5I2W0F_xNOk2wvfC2j7UuKWQ%2526client%253Dca-pub-1276641434651360%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 32b5ea0410bbd7fa1aef6686a84aeb567739bcd71a935ff6214d538b61353f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:11 GMT
last-modified: Thu, 22 Sep 2022 16:15:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 22 Sep 2022 16:16:11 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EEB3 85 KB
85 KB 24ms
24ms Script
text/javascript 18.66.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kqcrg3hfrmq06bz0w8h2e2w4e51yhx16mmp3wer13w90kntbsq270rkaf8mdp7wexcb7vc2w4tk9w90g90g557hdwq5c7yp0ev93tfrdb1zmjrh4s66tdxpcegqsm546d48skeyzxrszmv1pdw118j5t5xnjjgabdqm5cgdnxnfnc0v1m36eby76t5dsnhwzd10vswh1qb2b1p2jmencn48mgk2r83qb1fv0bwav33q36x9yf8k51yy02gagtdtkg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 03:15:40 GMT
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 46774
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: VIE50-P1
content-length: 86537
x-amz-cf-id: amMru9YaG3_9_y-OKpR2g6XpRWKMN4RYW-_L8cLPcR4u7mLzOi6IUg==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame EEB3 85 KB
85 KB 21ms
21ms Image
image/png 18.66.15.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1663863611&Signature=lt-gYhsmuaaZfAsCeNKOQxjCWgHbOzX9SOIV7CvlSY5RR8ve1FXk2XZYOuD4yLjAFxPMLZsiPAX4SPFjJM6foj63lakK8xXYC3AW2GhGd0apWfF~AaYfYPMiTGZVtXwzWCOkro1z6dvNdwDopjaEs7r1ZpfoiElBmCjmxcW0GW-1JRaIrBS6DbYO3nexMPAW9GHXE7q9b5lbnI0bxqT5YivWaCE0MZxg2twS19A98d53YpQrXRQn2Q1BCvBBKvcHqh0OZFyv1InRqf44mFLrEPIQ9crekGScWh9ZuntgIanOwvT6VbXEn3Qvi0BdJ2SQjZnVkTJOqD4GrHA5pKtrBA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kqcrg3hfrmq06bz0w8h2e2w4e51yhx16mmp3wer13w90kntbsq270rkaf8mdp7wexcb7vc2w4tk9w90g90g557hdwq5c7yp0ev93tfrdb1zmjrh4s66tdxpcegqsm546d48skeyzxrszmv1pdw118j5t5xnjjgabdqm5cgdnxnfnc0v1m36eby76t5dsnhwzd10vswh1qb2b1p2jmencn48mgk2r83qb1fv0bwav33q36x9yf8k51yy02gagtdtkg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hdn96kc1nkcej93ptzah8jbm3pz5f9hkptcnsbe1bjj9t7y7mtt6zbjkemkfr7w116y0bkg38e4svzsmxekhbfx3tf8kgspm5r1ac7125rhtp9b48gpwbv6ayxp84k7c9s7rhqw9bqp257tb9wk65w70p30ce9wkzxp2w4vanszkqpm630gawhfkabgkyqmrea0x9315csgnzx1sx62rs6fj2x14snxeyr5hsn010g9mz1d9591bt4g87bxhn0jhqeyfrp5bspbc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCHD-JDoosY__uEteGjuwP3oaSkAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xMjc2NjQxNDM0NjUxMzYwoAHCrujdA8gBCakCLi0QhmKOsD7gAgCoAwGqBJACT9BmouPZbLVQ9ib4JGHIeWIHB1gRCfQGzI4U37WJT7mSE1E3sI4VOroH2CcIK0NASODSRekDHLB18Xylws3j0KQdwmlVQvpDd7X7LEQrU-ywaM1rH4NIZdQ7reu77EK7ZZnspKUx-fnDaKBOlQxfHnMVOsyMl07uzFE_ghyHhV6F6RFJ8Tb-aeSHTkOQQ5sKdrDdGMtfLhU8HiDYCGl-8VB4OBvY-9UgyUYjWQtpJ6oKZlcUN_DgbtkY6KVU8JsOQEZX4rlXjUk7MJ8nqLfGOSEmiwu3sSQQqw9hAGY_1whS-yXIA8saspuLAudO51Frd_IH3QNZR5VnUDS8fZW_iF0B54thoxEpNXoyPLtAIAXgBAGABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2CPKrYPM6QwJIIZ3wICQOCLldv1g%252526client%25253Dca-pub-1276641434651360%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-50.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
age: 43992
etag: "92f323c42d6018008b4cf82e90ac9639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 22 Sep 2022 04:02:00 GMT
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: E42qNX9PKQcs2F8qcfStvqyqShOMo7mJnt2JNFPyaLzpabm3p5m_EQ==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 194ms
97ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f01f4ded32a47dcf730f567ab9cb5a93c87d760a65e88c252a241d586a0b4f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11462
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 439ms
438ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 16:15:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B656 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:12:33 GMT
expires: Fri, 22 Sep 2023 16:12:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 84F4 783 B
535 B 75ms
74ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

857f01de45c940ed0e25dc2370e449794bc43c4701823c75d20b414fae8fadf7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4AMb0ZxsstuQ01vfWZN8Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.secretchina.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-4AMb0ZxsstuQ01vfWZN8Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 16:15:13 GMT
expires: Thu, 22 Sep 2022 16:15:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EEB3 16 B
232 B 81ms
80ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Sep 2022 16:15:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 126ms
18ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:14 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4DAD 16 B
232 B 75ms
74ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Sep 2022 16:15:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 121ms
21ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:14 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3FEB 16 B
232 B 80ms
79ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Sep 2022 16:15:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 112ms
20ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:14 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9B98 16 B
232 B 67ms
65ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Sep 2022 16:15:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 102ms
20ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:14 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F412 16 B
232 B 75ms
75ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Sep 2022 16:15:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 94ms
22ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:14 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame DAD7 16 B
232 B 62ms
61ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Sep 2022 16:15:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 64ms
21ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:14 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame DAD7 16 B
232 B 68ms
68ms Fetch
application/json 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-56-86.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Sep 2022 16:15:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 57ms
23ms Preflight 18.133.56.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.56.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-56-86.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 22 Sep 2022 16:15:14 GMT
server: nginx

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame B656 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 19:18:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 84F4 0
0 79ms
79ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=1944477135176017&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B656 0
12 B 38ms
38ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NWnALw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:15:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
82ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=1944477135176017&bg=!eXqlej7NAAZqQh0mSkI7ACkAdvg8Wu0XT19uXvVBzdZte86FSUPpwqR7i5CPa55wWC74DT6VDXiLwwIAAABXUgAAAAFoAQcKAOun2fVyT0dIqyfwD-fwl_XKXKNRI8SJfVGpPW523QManXhvv7yS6Z_5vicJWKqgqArB86C_30vEL9-JAGt2W-Bs2s3Qm-SrfmWww8kbotDkWdnjPrNR2L4foC0avz3wdhyNBBzFXgWCyWK7Ai4G7zu6R3ZO8m6UzUXUmbequ-FH_A8UoX-Xv877mVxLmDf4qXRitioii5JSgK-_-llb24GvbuRKko8fTY1XRK2o8kJsJhMQRppzi7YdK9L0y8SC3rhnRc85fp3pCSjH7dm9r3mpvXfKDcpj4rTizJZSm3dtGrGKK5yQFvFn8BC7mQKnyDQHkAQbi3-llpctWTIMoYwZ39kbSY-dBldbpKzom6Oyt2mAhqDyHBAY97Gh41Jr8QfTi0peAg2TafqNlCE8ykYodGncJXiTzGDNfDLAz5VBCli7ShKaNZ1buZUM61tuCfzrNYklR_2CBr0zMkI2lMjNqzhYrDX94lxyABscP2TzJCmAkixjR2nmaN4g2lPqbaFWyDwskv4CaxdQf5VrOo6-Ve1puCTQm0YiPxAOOp5ZDY4FbDMXQ3wnmfICsXzP2oCMiyeOAGIdB7pHMHuCj9oIPumuPzaEjVJBW2_CKCwoibp0mrNUyQcVuScyu5LfqaB9S-I82veTHzMhLqu_bjATa38_1KwnBkshf6OoXaC266OwLvImyQ8bkSrxq94z_gFLulUH9lvUU8R2HPF1tnbk6f6hpt5qkHIIyh5feL3szRt_JvVrCBhej2JgBVcMYb75uuWPr-eQNY_yf7GzgbvM9GeYGVPbGhpY6mzOjCP46m5ZXrZ9dGaS7jx4WDZ74GR_NubDNVjEcW8bsz6w6-oe4QpV0RXRdANRFq04czQlrkTszjiVVYg57PFdE-_AZQ2AMlHMvXJVKgqCPYlMBWM5BKY6jhho3Szaoh_Vy69Iq2tE6b20sQlgVXxwumbhiONQYwyqCMu1Zpgcd9GZJNeMAN7B2so0cimqtSRbLgV6vwVUKtyv0p2dhOqTJWFdIIDth6Gc0wo1Omnpf7XsUgEbmdY-y21Ud5RLPCGOPSHvttjZfNgNTtGlpQhZFU65ASwPM4ZgchWQGRxzkE6BvWK0Zq_0AgWPdG8ELvIjVWX7JUm7dmBwKYdRbnEJ6CjAsKOFd0rDZI9zjtrePjGtAdwgp9WkGAi2FqI-G1OXTnPi9D4MuBFt_Ome318lWiiy_3K_dG0QmA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secretchina.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENeUWsaFvAA7uMSUGRJaheU&google_cver=1&google_push=AZmPxg9CbzrwAxi7dxxr5Zhk2FbwB4mveL2spqZUFrwQcHoF2KouCYejJn1Rat2LQMttrNcj1n31WGU_G-HPYow0PwNemaIyeDLlPA

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secretchina.com/	1970-01-20 08:20:39	Name: _gcl_au Value: 1.1.226597933.1663863309
.secretchina.com/	1970-01-20 06:11:06	Name: nt Value: 0
.secretchina.com/	1970-01-20 06:12:29	Name: _gid Value: GA1.2.1011911951.1663863309
.secretchina.com/	1970-01-20 06:11:03	Name: _gat_gtag_UA_34047140_1 Value: 1
.secretchina.com/	1970-01-20 15:47:03	Name: _ga_REM371LJ0Y Value: GS1.1.1663863309.1.0.1663863309.0.0.0
.secretchina.com/	1970-01-20 15:47:03	Name: _ga Value: GA1.1.1254467972.1663863309
.quantserve.com/	1970-01-20 08:20:39	Name: d Value: ECsBCQGUJ4EA
.quantserve.com/	1970-01-20 15:41:17	Name: mc Value: 632c8a0e-2e227-12fcc-0754e
.casalemedia.com/	1970-01-20 14:56:39	Name: CMID Value: YyyKDpjq3SH2WD84L9GHAgAA
.casalemedia.com/	1970-01-20 08:20:39	Name: CMPS Value: 5180
.casalemedia.com/	1970-01-20 08:20:39	Name: CMPRO Value: 5180
.doubleclick.net/	1970-01-20 15:32:39	Name: IDE Value: AHWqTUm96YIzoCsgmAb81LqYIBfiHEL3erI04ya99Zc_SYQl8mz_MQyXagzNbWPlkcg
.doubleclick.net/	1970-01-20 06:11:06	Name: DSID Value: NO_DATA
.secretchina.com/	1970-01-20 15:32:39	Name: __gads Value: ID=7ba81d10fdb21367:T=1663863309:S=ALNI_MY_E_zGdnmYcRwRUYzasopBjEW4Uw
.3lift.com/	1970-01-20 08:20:39	Name: tluid Value: 772147409548578924388
.simpli.fi/	1970-01-20 14:58:05	Name: suid Value: D31F31B4462D4913BE88CADC94B18DF1
.blismedia.com/	1970-01-20 14:56:43	Name: b Value: 632C8A0ECF030800733FA0E7BLIS
.ctnsnet.com/	1970-01-20 14:56:39	Name: gid_CAESEA9Tbgxh8K_DaYNPTzH4bkk Value: 1
.ctnsnet.com/	1970-01-20 14:56:39	Name: cid_c097655e3acc4ec992c7c3e74125d1f5 Value: 1
.e.dlx.addthis.com/	1970-01-20 15:41:17	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:41:17	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 06:54:15	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 06:54:15	Name: na_sr Value: 20220922
.dlx.addthis.com/	1970-01-20 06:11:03	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:54:15	Name: na_sc_e Value: 0
.casalemedia.com/	1970-01-20 08:20:39	Name: CMTS Value: 1205
.innovid.com/	1970-01-20 08:20:39	Name: uuid Value: f2a542ac-2d3c-4ad3-a9d0-d838c99b52a9-20220922 12:15:11
.awin1.com/	1970-01-20 06:13:56	Name: awpv20044 Value: 412871\|1663863311\|bbebdfe0-3a91-11ed-9471-2264f100ad21
.awin1.com/	1970-01-20 06:21:08	Name: awpv14098 Value: 412871\|1663863311\|bbecca40-3a91-11ed-9471-2264f100ad21
.awin1.com/	1970-01-20 06:13:56	Name: awpv11671 Value: 412871\|1663863311\|bbf9c291-3a91-11ed-9471-2264f100ad21
.awin1.com/	1970-01-20 06:13:56	Name: awpv17927 Value: 412871\|1663863311\|bbfdba30-3a91-11ed-9471-2264f100ad21
.addthis.com/	1970-01-20 15:41:17	Name: na_id Value: 2022092216151100049876063403
.addthis.com/	1970-01-20 15:41:17	Name: uid Value: 632c8a0f2b7158cd
.addthis.com/	1970-01-20 15:41:17	Name: ouid Value: 632c8a0f000103cb0de9e27e49b9ae1fc6c3acd4af154c948302
.awin1.com/	1970-01-20 06:15:22	Name: awpv11354 Value: 412871\|1663863311\|bbfc3390-3a91-11ed-945d-2266f18be32e
.awin1.com/	1970-01-20 06:21:08	Name: awpv11938 Value: 412871\|1663863311\|bc0b9ce1-3a91-11ed-94c6-223782b38f54
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.blau.de/	1970-01-20 06:21:08	Name: nscT486 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjYzODYzMzExdmxlYTFkZTIwMjIwOTIyMTgxNTExNzY3MDU5NTY0MDdYMTE3NjYzVjEyMjUxMzExMDZNU21tX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/	1970-01-20 06:21:08	Name: nscQ486 Value: V
.blau.de/	1970-01-20 06:21:08	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022092218151176705956407X117663V1225131106MSmm_SUBIDTEST_view&wfid=117663
.o2online.de/	1970-01-20 06:21:08	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTEzMDAwMDAwMDA2MTY2Mzg2MzMxMXZsZWExZGUyMDIyMDkyMjE4MTUxMTc2NzA1OTU2NDA5WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRNeGVmemZyZnc0UXNXSEVIR3REdDY2QlRCUzRUYjZrdTNvbmVpZF9fZGNfcmVhY2hfc3VpdGUwMndrejExNzY3OQ
.o2online.de/	1970-01-20 06:21:08	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 06:21:08	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022092218151176705956409X117679V1226132702MSviewoneidMxefzfrfw4QsWHEHGtDt66BTBS4Tb6ku3oneid__dc_reach_suite02wkz&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTEzMDAwMDAwMDA2MTY2Mzg2MzMxMXZsZWExZGUyMDIyMDkyMjE4MTUxMTc2NzA1OTU2NDA5WDExNzY3OVYxMjI2MTMyNzAyT
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.zenaps.com/	1970-01-20 06:15:22	Name: awpv11354 Value: 412871\|1663863311\|bbecca41-3a91-11ed-945d-2266f18be32e
www.conrad.de/	1970-01-20 06:18:15	Name: HTLP_timestamp Value: 1663863312
www.conrad.de/	1970-01-20 06:18:15	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 06:11:05	Name: __cf_bm Value: rdYUtexY1FJDf.BSUBoM_emsOt1QQAckHCeajQA7zw4-1663863312-0-AV1O+VhqzZrfmTUdbqfSjACkPuNIFHz1+3jBd9FDD2eIvYA9DFJSxgwCRtuX2438tF3PalXzXvmksTGYxKQM6Kc=
.congstar.de/	1970-01-20 06:21:15	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1663863311_bc0b9ce1-3a91-11ed-94c6-223782b38f54%22%2C%22sp%22%3A%22awin%22%7D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENeUWsaFvAA7uMSUGRJaheU&google_cver=1&google_push=AZmPxg9CbzrwAxi7dxxr5Zhk2FbwB4mveL2spqZUFrwQcHoF2KouCYejJn1Rat2LQMttrNcj1n31WGU_G-HPYow0PwNemaIyeDLlPA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-A5HTXBCGNs6BAaUWBU_D6eD0foh0ZxTRA-7pQXJ38-OaRqVB2fB0gWRZq_v621tRT4yv6w2w0FOBbE70Y6uZy6fmJq74N&google_gid=CAESEI4MGrmE4f68IkKO6FuYPEY&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg92celgG_6oPr8F0DqV_xScxusmxVvsSAZbBTGpXH3idcqPIARhrfLXNfOTuPwlCWC2AZwQV3jsAAWHHncgaFmtel3ef9Jh&google_gid=CAESELEZKa14JMa-AZJ79GitPxY&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9AdpAWM62gvQdsm5YSSpe3u-qEzZDdlTGUX98yv-qWqk_gjiyS2FPn4kTQXcjtyLCDRSv-NaZsgJzhIqazBznkpEWLkGCS&google_gid=CAESEJOFoQdkJWnA9HaLRP0hqP8&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_OdScYuLiiBgyG_DKL1lv1-iJBOqI5_ykCLE02wG6xOWAaeTmYee_GlvRGSFF87BjW4d6sTyHZJl-svrBzX654-6RgHu6T&google_gid=CAESEJOFoQdkJWnA9HaLRP0hqP8&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

82949896b9ac300f85ab93d8e62ae5e8.safeframe.googlesyndication.com
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
counter.secretchina.com
dclk-match.dotomi.com
e.dlx.addthis.com
eb2.3lift.com
fonts.googleapis.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
img3.secretchina.com
img5.secretchina.com
match.adsrvr.org
odr.mookie1.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel.rubiconproject.com
prod-rtb.ad4mat.net
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
secretchina.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.secretchina.com
www.telefonica-partner.de
www.zenaps.com
googlecm.hit.gemius.pl
104.18.18.126
142.250.180.226
142.250.185.134
142.250.185.226
148.251.139.77
15.197.193.217
169.50.137.190
18.133.56.86
18.66.15.50
18.66.15.79
185.64.190.78
2001:4860:4802:32::36
2001:4860:4802:36::178
216.58.212.162
23.7.201.234
2600:1901:0:76b9::
2600:9000:2104:9c00:1b:5138:8a40:93a1
2606:4700:10::6814:4e9d
2606:4700:10::ac43:3a4
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6812:7f05
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:813::200a
2a00:1450:400c:c06::9c
2a00:1450:400d:804::2001
2a00:1450:400d:805::2002
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2004
2a02:fa8:8806:12::1370
2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
3.11.195.34
34.96.105.8
34.98.67.61
35.186.193.173
35.227.252.103
35.244.174.68
69.173.144.138
76.223.111.18
78.46.85.162
84.200.5.215
88.99.63.132
92.123.17.141
00c754ef29dfe378afb1e05bc2f4425cbb65dd4d4a3e2b0ea0ff2e1a48d35418
0614b9e015b9a646c5bb4099edb68390666b12c572a6b4712681be7d4bb9bfe4
0b585a57221f6a06c9fc8f387c50521ce3ccd93f4cae528ba0bbfdde9cc59dbe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
0daa7a72d33617c769fcf92b8f1a13dcc3bd95fb1306d3cccbd4cf8d3168ebf6
0f25bd55b3eb354ec37ee11a21c70fc84b2ef9ba91d66c1c3be0a6caa1768d8c
0ffcf3aff7299466635b70c8562870bd1853a859a488ad86d51b9a9da1e93a7a
127166833879114664cdae4a72863088d40084c4145837a58d13021bf4af57ad
1386f72c4762f5ca640ecd2be0306526d2ab07406ad7fca1ffc4c492d970d8d7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1857569588d94b9d98ce5b638553d93053bd19eb4366c93b51439b03ddbf7fcd
198c146d1a283aee0829516325381542a20b0c7b969850f47fe73c787739e3f3
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20c10df6a16228d9258ba2a1eb43cb582df169e05b1ab0bbbaa97348602034a5
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
23a45d2de13262a908d1fddee18d1bf78240c4772eeb660cb5e81608e18465b2
23f3d9a38dc9e91081e8a6f9cadca8745fda6255f75e784f3fd1f9c5bee28ea3
267bef73fd1873ec46f7a5827c2d313696a1acf7b38a192398ab38bc49982a7e
26b8bd6c401570a6b7af50e1df34c65c285d12303ac9b04c54481233b0afa638
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2868d4a79fc4f9f4cf79e69bf6a0e5f60e9a205259075f096514be26b17333bf
29bb765f4277c81b96213b3915a0bc7b7fa8489dc9d02a1c67854de2db8144e7
29c47a40d6072d5ef93b506714a9ae678e62cb5c57602d519dbbc0515cae1e3a
2ad91c6bb69d1ee823cec3995bb19ca816f03a26453354b3cc40adced338269d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fe2ea1dca949d6cba57e8b57f633943505ff2111a4a2786f7c7f92cac88cf6d
32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4
32815ff741aadf5695bcd86d7a4c9717d0e853ff4f9c34bb3ec148e5489bc7a3
32b5ea0410bbd7fa1aef6686a84aeb567739bcd71a935ff6214d538b61353f0b
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
35139e52e8748e48ba6cc57b279cbd9d520f163fca5456f1ba492fb670ff3284
37b8ca5fafc31bb13e15cb7e25f6b75e803d3e37bd4553d1a0e09bbcefbf6328
37e77411b44e1a48419cd77af863dd79188230adb43e0eb120631f28062f2e3d
38537685dc69434985639cca9d6d200a2f3530f302c7863a2cd56bf46ead5b67
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d350a927fe3af2e47158c3e76ba2c08e93e9f90f20bed535dc87a80c6ecfca9
3d94de70e22272f5ca28a2235cc6bba15ad236cbd0f297f5c3e615800318468f
3e26784d9a26af8520ef485c1040abb0d613063d08f5b4f01e9e4ab96a3ad1ab
3fdf01239a6b029934043e6139398024aa4c1423ca27e1a2e4f78b5d3f87b597
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
42f1100954ec9fe34190bd640e4f72ae70707be29020cb9b9162eca77ade1540
438be98bf60b7696afd59fba0aa8ec03b2890af7986e0a2d0c99d96669bed764
4570ddb70e94ca42497663daeb0352356c137ccde1bac94bc2cd9375869b220d
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83
472d12ac7eb0e516b0656fd74f66ee06ae5a8591e4ab040f35722b71ca6eea70
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48d3f1eea8eb991be984e7df1530f50765552a8c003c5b0a067faf3b8072cc3f
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
48fc4c6cbcf1e761e48b4af0c0ec6fc0c6690874aaf73cc488288a0215792414
491ab785d4783060084da7bea1a6b046ae825f9648a882829bde79e7879eb276
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d1d586b7d52d92ce26f60bc981fc78e78e7a8244698430bbb476a1ce887bdab
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
5017ad29559d761bb429ea2085e4aff5e28f65c78d1effefed01a60c45753f33
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
538f7c7752504def5c4903458449025d0827ada6ee25ffe0f9cc8efd9038452a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566cf6379f6dd5e58f7630de3285135f945ba08376cc76f0be3c8966fc2e7ce9
5a80b6106ad076c28110bd576bb5371b7aa92160509a8779daa934bea64f0712
5af3e29a96c87ca5bbce0d15ee3cf0c58c2d16e65ca06447d4797d4908f91533
5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642ada83ca98d3d5b2b326999a9af8fabb7598d9bf50801411af313a6ef1aee3
651ac4f16a5ffc3729754a695afb26d4909b0d75a8a3a08d4e5e4ebd356fa510
6bd6868432be69f0993949e38005e2b8ad544210bdc32aabe680fd6bd7ac0c72
6cafd00f0d8d407cbcdf16218b2f8ba83f57c830003875b114ab2e51006da4f9
6ee06f62f16850514e81466ef3b01ce9a0d76e7a699274d76a0421420c400b5b
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
7076af8edcc49cb9dcd89531128333710112f3ba1dc9223fcc2b4b4a4c7547fe
733207f5e543350f025af0bdc9887a602e96ab4b509b04fc1e897430274bd533
739cd6e87c765fb38da617ec950af02f81a65828da89c59089dda152524982d9
73a86c3613fe501f70617a18d4a156671f852fb75f8955b20d5e1e4837e9cfc9
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
79fd3c4a612676cfe51b579104ff56ee024be43f14c51a6c84ca569f2799a20f
7a5cb930efcce8102297188813b8c2e1c7bea204a166f3a56ca3e193c6454d3b
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7d2a23d9da3ee5c2a2e38af67bf2bea7de91b63bb6c01c9436d7e4a4753f71d4
7e41fc1bae872b2a5362f6be4747810651d0d5a6451b060d77fdf753d706fdb9
803a9ee603cec5aa5667a1e2c519546306fd9c80e24bd2077ae4db3c6b1a3a89
8167b3275adf51614740ced2eaac6a5f961c66a49c0dae19680009500b61b1e1
829ad186198b945e530eaed93d543ba37a3ee36c4bd5cd5002c383920f5da8c6
82a44d888b5ac1fb59510e918927655f721973faf02da75315d2675582f5f626
84311bd0dc2298a0ab71b53b28a5cc78d782914f3775ef9e4ec3e7e5467d90e4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ffdf7e7dd4c44328f1217ba1f8b070f864cca12bbdd3d0025ced15f9ffea6f
855b7c8b4b4aab871e9b6abc3d52078ae7573e5e46a945dbbb8fcb7727d93b9f
857f01de45c940ed0e25dc2370e449794bc43c4701823c75d20b414fae8fadf7
85ec93efa934554dea347ce5342e522232832dd9f991c8959322d1b714958709
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
86508c980dd7b8d5b446adf730b076703676dd73e018418fa28eab8bd806fe4f
867c8a88d02e093991da07c498200ac5160e9eb8f7c1846b96b69dab46bc1fa2
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699
8b5b42dcee2d01db3cc335da9dec2039688f8278014a7b876faec10248a676be
8c52d8201af3bcfb7245fad3aefb2d3503320b4c896cd4547aad215ad8063686
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db8a02c2c9339160146ebe57a345b1f5791a6076c14dfcaadef211935ff2117
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8e82ac1ec5acf59251e8560b62ba41630b890325a9ecfc16f17418c16ae9871d
8e93c7cb6294ff3894e9c613e07259cbea3e3087cbf6187e806f42ba34c8a6fc
8ebc05861d6690e4e588f21d7eddd3538267931a4599dea310b5fb535ebe9602
8fa7cd53bc66417a6b1e19e3ef3e6430aa5773d7ceb5ee5b175b93abeb467ba9
902cdb5ec93a596170074a2b7323de782ad2b87f0ea0ffd02f8dd20684d36c40
928f6b3bbf417ce97e1c9445a39c11ddcff59e586f257cdb4910f3da8d85e23f
94731a704ac58784dd892e856d3469593ef02ea3e1eeabdc34abdf584c0d50a7
952cd46d81b99b263cb2d0fbe2316e64d330cfbba54e1d599508087ab25b8547
96a349b855f893db532ed1e918862f3ef7a7a2aa93646520e2259a063a71c53f
97e6bda52130a8da7876cc4068cdd3eaf0a2f6a1e3420d27df0c3f8c057731ab
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9933db16b59d87e8491b38586122494440569cd29bbcab8977e3679cb494e98f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ea9e22c698cd73d76b50c68568bbc7d45b27befcaa78b18eed190317ab7124d
9fde4d4d6b7dd282a87c1897ff499d712a7e9d6d263f41651675ac43a3bc4f8c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2f02d8e9279992c13b519d117a1cf097c276d1fc959ff1bc5ebdd5362655fe5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c0660a534027da674ddc11f8c2970c17dd96bf111649103b9f5c089eba4e61
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80508bf63af592a7c7c949686613cc9c1b448fa22e2b4ce8c695bf7a6bcaee6
a99644bc91da89a412fed44f9c214bfbc6727daf9485edd3c8ab2c7b4006a623
ab43b82750f08cb0e29eb04770d88b2db804b2e0afec33600c5ca860b0aff8e7
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ad15f01955a4bac7a25be5b59162642cc0c0b03ec7dce7352d398e9ab51e0b58
ad6789ab78a8f1a9fb9864311d88770462e447bc53b4720799a58b726dec69c6
ae242a93977473858caf65fefaa05deb7b88b2a53bf52021b0ee1861c385795e
af34ef4446fd98e2bebb8c69e7ca9cf35ecd4f00df69c6d931bf3f47e3519a9f
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
b2c860752030c2103f252f81663cf87bffb5f488a005bbdd82f0aa6d569a8b3d
b413f500a3af4bca4c144fa8bddf381faa5f1ff1be518efe8211e487f361480d
b70e7500e2bf18aa7f7d863d25348ca9033430926ffabae3b558c5ca193606f8
b8b272ebd77102be3d01933ba453145a96b7185b4907a3557bb61f6286cf95ce
ba5692e47aa9696b1e6c3b470e2a3f87a963028091d60eca9b5a2bfd652f5371
bbf537ba4b0de439c28e5a5224e0bf6a3adf935c721032367e46b9f6e9ee5ace
be8dc547b91f0491ca3e19f9a41cc19ee6872ce0672b47df47b6f2163a105260
c1895630dd470cf7cec36822c5d6367191d530ee9979fc72f0bb96a79da4122c
c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3d082e72e93441dc851b93e7a1a3bd60fa6485def0c7247d8f4a3d73fa69587
c3e97d1c4bccb2f5e94904254a1e2abfbf473a59ff424076faafd4a0908f64c5
c4afd9aca73a61decc1adaf5ea0d8da19862ea1c088b5946fe78c51fd0061c49
c6aca523f474928696e86017d3937e7994a04f3b643a9ead4b1306466a30c65f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb89e64898f73c735a6127109782b3674029fa3473b746685ba428a8e54d5766
ccd56192935bead3c190529fa8a4aa18908c58089a415adcd26bbbece8719548
cd0c6c7552e7604e37627effc9888c151bcc6ff6ecdcb693813c96e66fd1fdaa
cd5afed888d1c2c1ee7e27e82bb125a2e7bad609f8dbab2e82ea3b39263f846a
ce0dc340e76e902222017578b86f00381a97a3c54aa1ac433b18f1c34675e634
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03da595c6c699e32cceb251c4e071f40100ffd8af54f4b6194fc23f0a475e20
d0e0df8d7d8ae1634279fe885ff801b14c45627734765518da9eafd5651c426e
d2c15578d402aa9cfd3ebe10dc36b95090fad5a4f81344e0b77ffd0e1d1a2d31
d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23
d7ab7338f30670957aaf471ca493ac902b9a9aaf12f1bcbac1cbc924c8dc29d0
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
db78a901e8db319d248a5eace31f8782f75fc74933daf07e8e6dcae93b0ce3f8
dc49c8638e9deb8d9bf42e600d6df0882c4ae92a12b89680a441495a603baaae
dce8abefd46a31ae13945b2f096b9a9f09459e4f78c9ebc0eb155a105f8c69c5
dce8bab583656b27d41ee90b6fcc33e5b38f7ec7b937ecee92fdfde5553e6119
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
de09365c5a1290ab8b69797e3d02ef5b995c4bc684706e75ab72a8fe27e1c2ca
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3b6f1ff5b8b679e0e54d395a0550c598f92a72c6c800d3f4cc8197a9e72d56
de3e48d53dbda70907592005c1b2cde635d692ecdee8e4acdc96af21f2c59c58
e108851e31ceefe2af3becd54cd7880b731665da2cca6fda6abe4d5d3257b009
e14ac1dde40c374c7e07ea437dac3a735936a947ebaec6ab0cdb0b8c7f456339
e1ff2845f11ddcc05e0ad3c383c375bf618611b2c0a46755d06cda1b93b51f85
e3539d3eee69eebe924850b7e253e0d255b519d795d58cbdc2409faed2a59112
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467476ba7643856db749705a0ed3d5e6d3ad96db189bf40ae48b85e74fe1fe0
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e70ad80d1c3f67c5a927df30171b129fe3a633e8f25bde20424a364c5fb358da
e808c8667c5e9214e0f4da8f409407221373ac3a86b62de782b13b1492aab028
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ee06ac69de1f1b1b31908cab4c57ae12c5e94f8f38fcb6b1a1b740b1cb9df99a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff806571321e3914780a7f927c7931c1a6844da3559aa4359ae3411cdbaa40f
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f01f4ded32a47dcf730f567ab9cb5a93c87d760a65e88c252a241d586a0b4f87
f4f7728e999f7f8fcf32d4974fe1c1f53c906f7af3d1467f8e8492fe20b0f58e
f52afbdc9b50ea83386ec3f01d5b7f960c612515f6904541b370334f8d9676c0
f5352ccf08f34afdab201e48bb1de006ed4321ecaeed67f4cb4defad85b3be7e
f581f89ff823429c2034395ed6a4fa2aad86916aebad46e4cc96dc6f126954f4
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f8f1cd84c57ffc81f8865b1ebba353154e383b75192cd0beac7d63b1773f9bba
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454
fc2c758ce5e5368aec458bc18bb4d8c625b81d1048ca01280830e9d438b371b5
ff472beb03fc419e846da81d972be74882579ffbd1ee920a404b145acdf1f57d

www.secretchina.com Open in urlscan Pro 2606:4700:10::6814:4e9d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

433 Requests

91 %HTTPS

52 %IPv6

42 Domains

60 Subdomains

43 IPs

8 Countries

7525 kBTransfer

12278 kBSize

49 Cookies

14 Outgoing links

Page URL History

Redirected requests

433 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secretchina.com Open in urlscan Pro
2606:4700:10::6814:4e9d Public Scan

Screenshot
Live screenshot

Full Image

433
Requests

91 %
HTTPS

52 %
IPv6

42
Domains

60
Subdomains

43
IPs

8
Countries

7525 kB
Transfer

12278 kB
Size

49
Cookies

433 HTTP transactions
8 data transactions