www.grandturf.net Open in urlscan Pro
185.176.40.222 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.grandturf.net/
Submission: On July 17 via manual (July 17th 2023, 12:30:45 pm UTC) from ML — Scanned from DE

Summary HTTP 246 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 46 domains to perform 246 HTTP transactions. The main IP is 185.176.40.222, located in Bulgaria and belongs to ZETTA-AS, BG. The main domain is www.grandturf.net.
TLS certificate: Issued by R3 on June 10th 2023. Valid for: 3 months.

This is the only time www.grandturf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	185.176.40.222 185.176.40.222	44476 (ZETTA-AS) (ZETTA-AS)
70	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	194.146.226.159 194.146.226.159	13193 (ASN-NERIM) (ASN-NERIM)
1	185.103.141.178 185.103.141.178	51269 (HEXATOM) (HEXATOM)
17	18.66.97.18 18.66.97.18	16509 (AMAZON-02) (AMAZON-02)
4	91.198.105.122 91.198.105.122	35393 (EURO-WEB-AS) (EURO-WEB-AS)
1	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.249.221 46.105.249.221	16276 (OVH) (OVH)
1 2	54.37.56.116 54.37.56.116	16276 (OVH) (OVH)
1 2	46.105.249.222 46.105.249.222	16276 (OVH) (OVH)
1	193.37.145.64 193.37.145.64	210403 (LWS) (LWS)
1	2a00:7ee0:1:0... 2a00:7ee0:1:0:3:102:0:275	16347 (ADISTA-SAS) (ADISTA-SAS)
1 2	2001:41d0:100... 2001:41d0:1008:1b95::1	16276 (OVH) (OVH)
1	173.225.100.28 173.225.100.28	19318 (IS-AS-1) (IS-AS-1)
1	91.121.110.88 91.121.110.88	16276 (OVH) (OVH)
1	51.91.236.193 51.91.236.193	16276 (OVH) (OVH)
1 2	213.186.33.2 213.186.33.2	16276 (OVH) (OVH)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1076:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 11	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	52.58.212.116 52.58.212.116	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
6	18.169.161.72 18.169.161.72	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
2	18.155.129.96 18.155.129.96	16509 (AMAZON-02) (AMAZON-02)
8	3.10.237.144 3.10.237.144	16509 (AMAZON-02) (AMAZON-02)
246	46

45 185.176.40.222 (Bulgaria)

ASN44476 (ZETTA-AS, BG)

www.grandturf.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.146.226.159 (France)

ASN13193 (ASN-NERIM, FR)
PTR: turf-fr.com

www.turf-fr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.103.141.178 (France)

ASN51269 (HEXATOM, FR)
PTR: p178.x1.fr

www.canalturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.66.97.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-18.fra56.r.cloudfront.net

www.zone-turf.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.198.105.122 (France)

ASN35393 (EURO-WEB-AS, FR)

www.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.249.221 (Ivry-sur-Seine, France)

ASN16276 (OVH, FR)
PTR: ip221.ip-46-105-249.eu

www.best-fr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.37.56.116 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip116.ip-54-37-56.eu

www.ajoutezvotresite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.249.222 (Ivry-sur-Seine, France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip222.ip-46-105-249.eu

www.classement.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.37.145.64 (France)

ASN210403 (LWS, FR)

www.turfsur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:7ee0:1:0:3:102:0:275 (France)

ASN16347 (ADISTA-SAS, FR)

gagnant-au-pmu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:41d0:1008:1b95::1 (France) 1 redirects

ASN16276 (OVH, FR)

logo.gralon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.225.100.28 (United States)

ASN19318 (IS-AS-1, US)

cplemaire.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.110.88 (France)

ASN16276 (OVH, FR)
PTR: smtp.polydev.com

www.choixdunet.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.91.236.193 (France)

ASN16276 (OVH, FR)
PTR: cluster028.hosting.ovh.net

www.cheval2000.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.186.33.2 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: cluster002.ovh.net

www.meilleurduweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
meilleurduweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1076:1 (Germany)

ASN200325 (BUNNYCDN, SI)

widgets.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.212.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-212-116.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.233 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.169.161.72 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-161-72.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.155.129.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-96.cdg52.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.10.237.144 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-237-144.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	195 KB
45	grandturf.net www.grandturf.net	3 MB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30069 ad4m.at — Cisco Umbrella Rank: 9754 assets.ad4m.at — Cisco Umbrella Rank: 41291	2 MB
20	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	47 KB
17	zone-turf.fr www.zone-turf.fr — Cisco Umbrella Rank: 260714	45 KB
10	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 20510 api.webgains.io — Cisco Umbrella Rank: 51644	63 KB
6	webgains.com track.webgains.com — Cisco Umbrella Rank: 39920	146 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 148578 static-de.ad4mat.net — Cisco Umbrella Rank: 192748	8 KB
4	gambling-affiliation.com www.gambling-affiliation.com static.gambling-affiliation.com	874 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 633	2 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	621 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
3	gstatic.com fonts.gstatic.com	131 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 59854	17 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 16326	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	493 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	991 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	869 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	112 KB
2	meilleurduweb.com 1 redirects www.meilleurduweb.com meilleurduweb.com	3 KB
2	gralon.net 1 redirects logo.gralon.net	8 KB
2	classement.pro 1 redirects www.classement.pro	3 KB
2	ajoutezvotresite.com 1 redirects www.ajoutezvotresite.com	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	2 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 981	762 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	788 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3235	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 862	464 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8246	668 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 359	146 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	187 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	78 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	605 B
1	getsitecontrol.com widgets.getsitecontrol.com — Cisco Umbrella Rank: 31178	863 B
1	cheval2000.com www.cheval2000.com	10 KB
1	choixdunet.fr www.choixdunet.fr
1	cplemaire.net cplemaire.net	1 MB
1	gagnant-au-pmu.com gagnant-au-pmu.com	6 KB
1	turfsur.com www.turfsur.com	11 KB
1	best-fr.com www.best-fr.com	3 KB
1	root-top.com img.root-top.com	5 KB
1	canalturf.com www.canalturf.com — Cisco Umbrella Rank: 483601	30 KB
1	turf-fr.com www.turf-fr.com	50 KB
0	free.fr Failed www.rapidoweb.free.fr Failed
0	allosponsor.com Failed www.allosponsor.com Failed
246	46

	Domain	Requested by
68	pagead2.googlesyndication.com	www.grandturf.net pagead2.googlesyndication.com googleads.g.doubleclick.net
45	www.grandturf.net	www.grandturf.net
17	www.zone-turf.fr	www.grandturf.net
12	assets.ad4m.at	as.ad4m.at
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	api.webgains.io	analytics.webgains.io
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
6	track.webgains.com	as.ad4m.at
4	tpc.googlesyndication.com	googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
2	cdn.track.production.webgains.team	as.ad4m.at
2	analytics.webgains.io	track.webgains.com
2	www.awin1.com	as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	www.google-analytics.com	www.grandturf.net www.google-analytics.com
2	static.gambling-affiliation.com	www.grandturf.net
2	logo.gralon.net	1 redirects www.grandturf.net
2	www.classement.pro	1 redirects www.grandturf.net
2	www.ajoutezvotresite.com	1 redirects www.grandturf.net
2	www.gambling-affiliation.com	www.grandturf.net
2	fonts.googleapis.com	www.grandturf.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ius.ctnsnet.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	r.turn.com	www.grandturf.net
1	ad.turn.com	1 redirects
1	www.google.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	widgets.getsitecontrol.com	www.grandturf.net
1	meilleurduweb.com	www.grandturf.net
1	www.meilleurduweb.com	1 redirects
1	www.cheval2000.com	www.grandturf.net
1	www.choixdunet.fr	www.grandturf.net
1	cplemaire.net	www.grandturf.net
1	gagnant-au-pmu.com	www.grandturf.net
1	www.turfsur.com	www.grandturf.net
1	www.best-fr.com	www.grandturf.net
1	img.root-top.com	www.grandturf.net
1	www.canalturf.com	www.grandturf.net
1	www.turf-fr.com	www.grandturf.net
0	www.rapidoweb.free.fr Failed	www.grandturf.net
0	www.allosponsor.com Failed	www.grandturf.net
246	57

This site contains links to these domains. Also see Links.

Domain
chat.whatsapp.com
www.zone-turf.fr
www.gambling-affiliation.com
www.ajoutezvotrelien.com
www.rapidoweb.free.fr
www.root-top.com
www.best-fr.com
www.ajoutezvotresite.com
www.classement.pro
www.turfsur.com
www.referencement-google-gratuit.com
www.gagnant-au-pmu.com
www.gralon.net
cplemaire.net
www.choixdunet.fr
www.cheval2000.com
www.meilleurduweb.com

Subject Issuer	Validity	Valid
grandturf.net R3	`2023-06-10` - `2023-09-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.turf-fr.com Gandi Standard SSL CA 2	`2023-07-05` - `2024-07-09`	a year	crt.sh
www.canalturf.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-31` - `2023-07-31`	a year	crt.sh
www.zone-turf.fr Amazon RSA 2048 M02	`2022-10-26` - `2023-11-24`	a year	crt.sh
www.gambling-affiliation.com Gandi Standard SSL CA 2	`2022-10-28` - `2023-10-28`	a year	crt.sh
root-top.com E1	`2023-07-04` - `2023-10-02`	3 months	crt.sh
best-fr.com R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh
quartesur.com R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
gagnant-au-pmu.com R3	`2023-05-30` - `2023-08-28`	3 months	crt.sh
cplemaire.net cPanel, Inc. Certification Authority	`2023-07-07` - `2023-10-05`	3 months	crt.sh
mail.polydev.com R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
cheval2000.com R3	`2023-06-12` - `2023-09-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
static.gambling-affiliation.com Gandi Standard SSL CA 2	`2022-08-22` - `2023-08-22`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2023-03-07` - `2024-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.grandturf.net/
Frame ID: BE9F2C909A8AFC0CC803067156410C9B
Requests: 160 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: F25E60606D13A5EE6E5E3B933D8971EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&adk=1812271804&adf=3025194257&lmt=1689597038&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fwww.grandturf.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038240&bpp=24&bdt=300&idt=370&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4896509340721&frm=20&pv=2&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=397
Frame ID: 9E193855B42B4BC492348066BA555CDA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.202848852~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=1200x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038264&bpp=2&bdt=325&idt=378&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbSWHUyTEb&p=https%3A//www.grandturf.net&dtd=381
Frame ID: FF70857954F7140F17B3D02883644ADF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2245347198&adf=931991694&pi=t.aa~a.1202816626~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280&nras=3&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sY4ZWQMn01&p=https%3A//www.grandturf.net&dtd=16
Frame ID: 44D03F559BB654783A9DF5834EDD2F82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2692089315&adf=1695447792&pi=t.aa~a.2665873805~rp.1&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=969&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280&nras=4&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=N6SVaiDgmu&p=https%3A//www.grandturf.net&dtd=21
Frame ID: C2E1D6CF92F5DE6F1B1C70A04359C9F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=940430000&adf=118710933&pi=t.aa~a.474041843~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=1140x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280%2C360x280&nras=5&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iTAfBo2j0I&p=https%3A//www.grandturf.net&dtd=24
Frame ID: 0F1CE1D431CCC317842383F1315FA2F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=240&adk=343766305&adf=3891162701&pi=t.aa~a.1910253705~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=263x240&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=969&idt=1&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280%2C360x280%2C1140x280&nras=6&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=vGeR0REqLs&p=https%3A//www.grandturf.net&dtd=27
Frame ID: 034EE7EADDD9C83F0E82E398E879E531
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jpz36y62n8twzxrsqbd5x96wbnysx9kp039q4p8eyghq6fks1qq0ty2edc8d536zere64dmn85mdzh38fbhea05knec19xyhbd3adbcjdt195f4tjskd5t3kqakm10fc1zj27df34atns6hq56vbhwf6es4y5p6y8y40df1eswzkygbmbey3np3zhc9yyac3zx4s01k28ba21tpaj8d8dwqdhgc5stanpfv1tgwnb3jqptb1r45ghny7d9ryx39xj18p5f7dev5x7ffmxp8xchtk0v8jkye70tkbv5nkg6gzb4586cftfvryb2f440ynw0dv2xrqrxj01sana6y89rtj1nbbvp4126avgyd2ek7bkhkwm2yrjyzbg76zvrdprtzgexv0h2w4xefqrc0h51gq58g2svdqkdr9a3q0rc4y40jvsqxqbfyqa2yrqmyha0w2zvnsatg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%26client%3Dca-pub-6404002326578074%26adurl%3D
Frame ID: 14B5043DCBE4A7383D167106893D8546
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Frame ID: 587FC667F9C1AD047F211F189FBAF8B1
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2EFB3A74C471191146C232621262F7CA
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hxwmrzqhr4t58x1tm5qvnf7vt2an4a49b2b059xrnrekxp26hw87eh4kskk0y6zdf9tfkrmypsxdh8c0jcrj9hf22gbdfswhv2akd0kyd4hss8w6xpesc31n58sgddv4hfpsjzd2pjaf0f973t96j0cqyk3t8y8n2hvm8yt719x7txh49m55r7wknxxz4jm8q1yr2b2snqmn3cbe3d1pzsahnwzdh84f1s1tqz3y03nz2mjsph6qcq8kxgz5sb56z4b7r5fpyrpx2ewg26xg0xe0xcq6b5cx35r4g7r1e62ktjjkf3ns5fqmg9nq9jjade7jbhd6awqckqh9gw2rpv7fdrv45haseg28gnzfz4ppwjsnhh2fgvmjsh8fspasdx692yyq7hna08hmk0mtzg50agzrgyzd4yr0rrpb3sbxmn0753vchnvpn3vgqawa7y88gjfjvm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%26client%3Dca-pub-6404002326578074%26adurl%3D
Frame ID: B99461710D422CC49FD84AB0EE8184CE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Frame ID: 082F84959F18CF4D7337E98D62F497F3
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4E317D4C50CADAAC3429D29561B1AC24
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4F6855433AF2CBE6EBB141A35FC21675
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C6A1C541AB79FAA68D3C6E386FDC5939
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Frame ID: AD764F1295F7DBD3B7F2ECBBD0E66104
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Frame ID: B3913720BF41518D5AB7B1D43541598A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GrandTurf - Pronostics et Analyses Quinté+

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

246
Requests

93 %
HTTPS

42 %
IPv6

46
Domains

57
Subdomains

46
IPs

8
Countries

8484 kB
Transfer

9895 kB
Size

20
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://chat.whatsapp.com/K105adxLnpD8OD48LZYGbZ
Title: CLIQUEZ ICI POUR AVOIR NOTRE PRONOSTIC DE DERNIERE MINUTE PAR WHATSAPP

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/quinte/
Title: Quinté

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/farceur-de-conde-707168/
Title: Farceur de Cond.

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/a-collette-88103/
Title: A. Collette

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/heraklion-895190/
Title: Heraklion

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/p-levesque-63/
Title: P. Levesque

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/hautain-918730/
Title: Hautain

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/y-lebourgeois-221/
Title: Y. Lebourgeois

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/hasard-d-erable-895170/
Title: Hasard d"Erable

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/d-thomain-238/
Title: D. Thomain

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/figolu-frazeen-626934/
Title: Figolu Frazeen

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/t-beauchene-65224/
Title: T. Beauchene

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/halicia-bella-968570/
Title: Halicia Bella

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/a-wiels-263/
Title: A. Wiels

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/effigie-royale-594672/
Title: Effigie Royale

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/n-bazire-234046/
Title: N. Bazire

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/epson-d-ariane-555630/
Title: Epson d"Ariane

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/d-bethouart-5472/
Title: D. Bethouart

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/fee-lucernaise-667560/
Title: Fee Lucernaise

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/f-nivard-59318/
Title: F. Nivard

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/guide-moi-forgan-745780/
Title: Guide Moi Forgan

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/b-rochard-89389/
Title: B. Rochard

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/glamour-queen-759260/
Title: Glamour Queen

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/jp-dubois-22857/
Title: J.P. Dubois

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/fanfaronneur-665712/
Title: Fanfaronneur

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/m-mottier-321/
Title: M. Mottier

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/hallix-823810/
Title: Hallix

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/g-gillot-266/
Title: G. Gillot

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/gendreen-726350/
Title: Gendreen

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/a-abrivard-22533/
Title: A. Abrivard

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/eroico-bello-644340/
Title: Eroico Bello

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/d-heon-9264/
Title: D. Heon

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/cheval/espace-winner-577738/
Title: Espace Winner

Search URL Search Domain Scan URL

URL: https://www.zone-turf.fr/jockey/k-leblanc-103730/
Title: K. Leblanc

Search URL Search Domain Scan URL

URL: https://www.gambling-affiliation.com/cpc/v=18cn8NT2h5ULswvFmTmrAfl6FPlgU.dJRSJOHtu-G6I_GA7331V2&aff_var_1=

Search URL Search Domain Scan URL

URL: https://www.gambling-affiliation.com/cpc/v=n0AYZmWgb6GYPWJNRHC4YFbmIyDThI9muunAw7DWi3A_GA7331V2&aff_var_1=

Search URL Search Domain Scan URL

URL: https://www.ajoutezvotrelien.com/
Title: Ajoutez votre lien

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/topliens/liens.php3?sp=2292

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/classement_general/in.php?ID=2807

Search URL Search Domain Scan URL

URL: https://www.best-fr.com/sports-equestres-p1-251.html

Search URL Search Domain Scan URL

URL: https://www.ajoutezvotresite.com/

Search URL Search Domain Scan URL

URL: https://www.classement.pro/

Search URL Search Domain Scan URL

URL: http://www.turfsur.com/

Search URL Search Domain Scan URL

URL: https://www.referencement-google-gratuit.com/
Title: Referencement Google

Search URL Search Domain Scan URL

URL: http://www.gagnant-au-pmu.com/

Search URL Search Domain Scan URL

URL: https://www.gralon.net/annuaire/sports-et-loisirs/sports-individuel/equitation.htm

Search URL Search Domain Scan URL

URL: http://cplemaire.net/

Search URL Search Domain Scan URL

URL: http://www.choixdunet.fr/annuaire.php

Search URL Search Domain Scan URL

URL: http://www.cheval2000.com/

Search URL Search Domain Scan URL

URL: https://www.meilleurduweb.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.ajoutezvotresite.com/button.php?u=grandturf HTTP 302
https://www.ajoutezvotresite.com/images/button2.gif

Request Chain 39

https://www.classement.pro/button.php?u=grandturf&buttontype=static HTTP 302
https://www.classement.pro/images/button.gif

Request Chain 42

https://logo.gralon.net/plogo-gralon-201464.gif HTTP 302
https://logo.gralon.net/plogo-gralon.gif

Request Chain 46

https://www.meilleurduweb.com/images/pub/banniere_88.31.gif HTTP 301
https://meilleurduweb.com/images/pub/banniere_88.31.gif

Request Chain 172

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN0I694jySwu5HLO-3za_ek&google_cver=1&google_push=AaAOQGHfuXr9TZbW2fOrOswQ8cxqpBBtqDwPrpPgjgeOmxtJOIGmG3PXYPYFYDS5ONOIBTjhghFNQuH4_po2nUk3rcq1ioK-rEq1pmiWvsZD8yI_cHV4ZSmYwTTMWFAU70Bssiprcm7ARACzAAR4iPD_tkaemkM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODAwMTcxNzE3ODU1NjQ3OTA3OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFAUzUScZN6j93sTHeHD8jg&google_cver=1

Request Chain 173

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKIBl6cdqbWGmpBrPLahYSw&google_cver=1&google_push=AaAOQGFCRk7hg3YDonWKj52A7imPzqTleFRdLHYRC3MWuiFEZLy872EJbAqGkyFSeu_0r06Sx0GjUUg1HaSfBYil0neFnAP8TtjJxSy184VMo1gHn64QTzmFu_0IWCiicK8YRtYXQttNiDFVcsQQkoaSl9ew_6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKIBl6cdqbWGmpBrPLahYSw&google_push=AaAOQGFCRk7hg3YDonWKj52A7imPzqTleFRdLHYRC3MWuiFEZLy872EJbAqGkyFSeu_0r06Sx0GjUUg1HaSfBYil0neFnAP8TtjJxSy184VMo1gHn64QTzmFu_0IWCiicK8YRtYXQttNiDFVcsQQkoaSl9ew_6Q

Request Chain 176

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAM2uLsyEFu8GmFuK3K48zM&google_cver=1&google_push=AaAOQGGgnR9tX4JDR2gfxCrOyrNAQ6hhxF2JnTBa_0ZDSi_DoDwOrGXLO6FTMxbYLYCgx3AJbWhJjhrXVGNPhtu4rBUn6ntFYZp-0l5zDD77JQGoSEMCUtz3Ci2TrFqPyDPiOw1A-kbN6uEQFO1WySYcGgTQtQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAM2uLsyEFu8GmFuK3K48zM&google_cver=1&google_push=AaAOQGGgnR9tX4JDR2gfxCrOyrNAQ6hhxF2JnTBa_0ZDSi_DoDwOrGXLO6FTMxbYLYCgx3AJbWhJjhrXVGNPhtu4rBUn6ntFYZp-0l5zDD77JQGoSEMCUtz3Ci2TrFqPyDPiOw1A-kbN6uEQFO1WySYcGgTQtQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMTYyNzcyNTE3NDA2MTM0OQ&google_push=AaAOQGGgnR9tX4JDR2gfxCrOyrNAQ6hhxF2JnTBa_0ZDSi_DoDwOrGXLO6FTMxbYLYCgx3AJbWhJjhrXVGNPhtu4rBUn6ntFYZp-0l5zDD77JQGoSEMCUtz3Ci2TrFqPyDPiOw1A-kbN6uEQFO1WySYcGgTQtQ

Request Chain 177

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEB3tBtmWAnXD05gUFYy9Skw&google_cver=1&google_push=AaAOQGGUHo2mMCL-UQqdTRpI028-Q3tWOIfbp3SRPbicTLVY64bQkVIAOGLWCiAB5Delb6qEiYW1R3a8a-XP899OfKRj_Y1K9Cl6M09IHNIJzdvu-CncLy5pb4gV2PD2NzKhFtgQ8WGXIt5fyRV_8Vyb8yNVKs8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGGUHo2mMCL-UQqdTRpI028-Q3tWOIfbp3SRPbicTLVY64bQkVIAOGLWCiAB5Delb6qEiYW1R3a8a-XP899OfKRj_Y1K9Cl6M09IHNIJzdvu-CncLy5pb4gV2PD2NzKhFtgQ8WGXIt5fyRV_8Vyb8yNVKs8&google_hm=oKVbDtQ9Tn-p88a_68CSSGk

Request Chain 178

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAqq46UXDCY89EjBWGjPuMw&google_cver=1&google_push=AaAOQGEEs7PiA0Hqw_NO-Wu_h9dmReQJ3KdNqiW9_xLEcjqcciMf6wdOrCQpICUuJBgKsV-X_YdwEp1awod3KFiwaxuHcvgPV0MRNsQkQN93DoEA6_CtRC7oGD5mgzX3fMxhZ37hloVYGOnk8nYae2ZruIfjClo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEEs7PiA0Hqw_NO-Wu_h9dmReQJ3KdNqiW9_xLEcjqcciMf6wdOrCQpICUuJBgKsV-X_YdwEp1awod3KFiwaxuHcvgPV0MRNsQkQN93DoEA6_CtRC7oGD5mgzX3fMxhZ37hloVYGOnk8nYae2ZruIfjClo HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 192

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBiXA9L8O2VBwuFAO1AQmWQ&google_cver=1&google_push=AaAOQGHpfYk9DtQuTvKZ5TCpIrU-BrQtTjK1eO7fgyT2o5wL79cHqo39MH0MBF3t6beum20Xv8sdxiS6YWj9YPgeyoDamoHOQcZ_RuqgLvhtateibr88GS6n_geBGpV6FEMs-tKpU88CtQqHX8yLcBwYJm6a-oU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHpfYk9DtQuTvKZ5TCpIrU-BrQtTjK1eO7fgyT2o5wL79cHqo39MH0MBF3t6beum20Xv8sdxiS6YWj9YPgeyoDamoHOQcZ_RuqgLvhtateibr88GS6n_geBGpV6FEMs-tKpU88CtQqHX8yLcBwYJm6a-oU

Request Chain 193

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIiaQHdGTnZ6V2a7xyVAwVo&google_cver=1&google_push=AaAOQGGCkso1TKAj8Z69IMHBvEPEvuKLzsQTCiX9XBzEuvhKUQ8mK4YPr7zKBSP-hMOdAS4xMYxEJY3JNYWCXMVD37tr0lPTNn7EJZ_xBR1RH0GunvW7tBpeH_X0LVvpq3NN-_Se66An8A8_lgBQjKYiovx_tQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIiaQHdGTnZ6V2a7xyVAwVo&google_push=AaAOQGGCkso1TKAj8Z69IMHBvEPEvuKLzsQTCiX9XBzEuvhKUQ8mK4YPr7zKBSP-hMOdAS4xMYxEJY3JNYWCXMVD37tr0lPTNn7EJZ_xBR1RH0GunvW7tBpeH_X0LVvpq3NN-_Se66An8A8_lgBQjKYiovx_tQQ

Request Chain 194

https://um.simpli.fi/gp_match?google_gid=CAESEPCgNCHop3dtf4dr5A56gAc&google_cver=1&google_push=AaAOQGFxdx_N86Ygk1zABa5E-y7vv3DzQswiJjtb3KcMRCh3F7zOuAtOZnCCPXmSzPYKhvxjI_6sVw0YXAEmXrn50VNmoLi59oXHh0pzDO-C-npbxx1NM-6h3N9_pu8Pg-clHNrcoQESPXByLSlmJVVJt-Zlyow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=63FEE52A70EC4403AD3B637573EF4AD2&google_push=AaAOQGFxdx_N86Ygk1zABa5E-y7vv3DzQswiJjtb3KcMRCh3F7zOuAtOZnCCPXmSzPYKhvxjI_6sVw0YXAEmXrn50VNmoLi59oXHh0pzDO-C-npbxx1NM-6h3N9_pu8Pg-clHNrcoQESPXByLSlmJVVJt-Zlyow

Request Chain 195

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGIiKoUnJavOWGBz8VlNSg4&google_cver=1&google_push=AaAOQGHF7sk7v4iUA5TTgVZ8XHcWyQZ2HyLTh75NgUeLjuCtX2FSSz5Cu-qMvuc5ylPZ6zc_I1-_G4uk3REf2icNSPlY5ej211vg5_sybkGlkK1fiUtB-o1ytd4HYy4epx79Du9FgHsU8h-lWqeyDAgbY3kD8mE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMTYyNzcyNTE3NDA2MTM0OQ&google_push=AaAOQGHF7sk7v4iUA5TTgVZ8XHcWyQZ2HyLTh75NgUeLjuCtX2FSSz5Cu-qMvuc5ylPZ6zc_I1-_G4uk3REf2icNSPlY5ej211vg5_sybkGlkK1fiUtB-o1ytd4HYy4epx79Du9FgHsU8h-lWqeyDAgbY3kD8mE

246 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.grandturf.net/ 32 KB
32 KB 700ms
229ms Document
text/html 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 8344e743b5471cd31791eb2afe2f6481bf9f7a6a7f91daf7ae1fa30c43aa5f6d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 17 Jul 2023 12:30:37 GMT
server: Apache

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 202ms
101ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6404002326578074

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bd427917573ec01a8402c07117fa32cad36b4db84321e5859ba7225f6f94012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandturf.net/
Origin: https://www.grandturf.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50957
x-xss-protection: 0
server: cafe
etag: 9369053366473373267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 12:30:38 GMT

GET
H2 200 bootstrap.min.css
www.grandturf.net/plugins/bootstrap/css/ 118 KB
118 KB 76ms
72ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/bootstrap/css/bootstrap.min.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 225162601e3c34983338a7a8a51618c7f4b34478563be87dae04a12e636c353c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:06:33 GMT
server: Apache
accept-ranges: bytes
etag: "1d974-5fd6ba155f647"
content-length: 121204
content-type: text/css

GET
H2 200 select_option1.css
www.grandturf.net/plugins/selectbox/ 4 KB
4 KB 74ms
71ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/selectbox/select_option1.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 6ded07b6588335f989145a20162274b99144a03b569863fc257198fc4fde6314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:06:24 GMT
server: Apache
accept-ranges: bytes
etag: "1173-5fd6ba0cd8bb1"
content-length: 4467
content-type: text/css

GET
H2 200 font-awesome.min.css
www.grandturf.net/plugins/font-awesome/css/ 30 KB
30 KB 211ms
208ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/font-awesome/css/font-awesome.min.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 1fd4c882b277b1733f27be78e59f2318df771113cfc3981f4c4ad1b287238880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:06:45 GMT
server: Apache
accept-ranges: bytes
etag: "7930-5fd6ba20cc41b"
content-length: 31024
content-type: text/css

GET
H2 200 flexslider.css
www.grandturf.net/plugins/flexslider/ 4 KB
4 KB 215ms
212ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/flexslider/flexslider.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: fd11626f81716f4102bc68392b7e1c2d065bb58012e2d19931d00e7ac3f0cf73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:06:12 GMT
server: Apache
accept-ranges: bytes
etag: "1135-5fd6ba017a83f"
content-length: 4405
content-type: text/css

GET
H2 200 fullcalendar.min.css
www.grandturf.net/plugins/calender/ 15 KB
15 KB 211ms
208ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/calender/fullcalendar.min.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: df582ea9cfb2d41ecb074551a3d8787cb66f63a076b41b16cecb30c81411b5e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:06:09 GMT
server: Apache
accept-ranges: bytes
etag: "3c02-5fd6b9fe6aced"
content-length: 15362
content-type: text/css

GET
H2 200 animate.css
www.grandturf.net/plugins/ 55 KB
55 KB 211ms
208ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/animate.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 9d0b84bc44aa63972cab1da29110bec5b7f9f11b81e66a7a8023a5b3d5efcfb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:06:05 GMT
server: Apache
accept-ranges: bytes
etag: "dc2f-5fd6b9fa9a39c"
content-length: 56367
content-type: text/css

GET
H2 200 magnific-popup.css
www.grandturf.net/plugins/pop-up/ 5 KB
5 KB 213ms
211ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/pop-up/magnific-popup.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:06:19 GMT
server: Apache
accept-ranges: bytes
etag: "1474-5fd6ba07754ee"
content-length: 5236
content-type: text/css

GET
H2 200 settings.css
www.grandturf.net/plugins/rs-plugin/css/ 54 KB
54 KB 214ms
211ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/rs-plugin/css/settings.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 8bf737e01036d9d3bc2e752dd60074375fd11368ba1f94cda57a258ae6a323b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:07:06 GMT
server: Apache
accept-ranges: bytes
etag: "d939-5fd6ba34d3507"
content-length: 55609
content-type: text/css

GET
H2 200 owl.carousel.css
www.grandturf.net/plugins/owl-carousel/ 3 KB
3 KB 214ms
211ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/owl-carousel/owl.carousel.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: c64bb7423772cf882de13effd5a01bfe77864ac60c217fb020d9da4486ed5a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:06:16 GMT
server: Apache
accept-ranges: bytes
etag: "c0b-5fd6ba04bfef4"
content-length: 3083
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 157ms
56ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,600italic,400italic,700

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

404fe0a28ada73f929d978604c6538721cf12331bedfc4a484875b5dd3d322e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 12:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 12:22:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 12:30:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
711 B 174ms
73ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b429ade88142a72a78e179b524632b1b5a72e6a2f0a497f134c176167e8e3e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 12:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 12:11:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 12:30:38 GMT

GET
H2 200 style.css
www.grandturf.net/css/ 118 KB
118 KB 214ms
212ms Stylesheet
text/css 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/css/style.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 56384af3fa259fc7fe398476fed8661e25a8ab8e06ac7c96ce565e381d0b90fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
last-modified: Tue, 06 Jun 2023 01:07:26 GMT
server: Apache
accept-ranges: bytes
etag: "1d79f-5fd6ba47f4e00"
content-length: 120735
content-type: text/css

GET
H2 404 color-option2.css
www.grandturf.net/css/ 0
0 295ms
293ms Stylesheet
text/html 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/css/color-option2.css
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H2 200 logo.png
www.grandturf.net/img/ 128 KB
128 KB 346ms
339ms Image
image/png 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/logo.png
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 4fe2a56a3392746e72d66169a9d5c2dc2a43814f015b53f2dbd3e05c0bb85a3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:11:22 GMT
server: Apache
accept-ranges: bytes
etag: "1ffe4-5fd3389ebe6eb"
content-length: 131044
content-type: image/png

GET
H2 200 membres.png
www.grandturf.net/img/ 53 KB
53 KB 345ms
339ms Image
image/png 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/membres.png
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 8bbc480457940a3fdd6e4e71021056f947b3eea2b84a6686aba008c3a431e9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:11:30 GMT
server: Apache
accept-ranges: bytes
etag: "d3a8-5fd338a67f55f"
content-length: 54184
content-type: image/png

GET
H2 200 slider_image_1.jpg
www.grandturf.net/img/home/slider/ 185 KB
185 KB 348ms
342ms Image
image/jpeg 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/home/slider/slider_image_1.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 9fecbc2782fbfcd8dde271c8351a18cbbb38d216ce41293bcbcba317ac4ce5a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:14:50 GMT
server: Apache
accept-ranges: bytes
etag: "2e21d-5fd33965303d2"
content-length: 188957
content-type: image/jpeg

GET
H2 200 slider_image_2.jpg
www.grandturf.net/img/home/slider/ 172 KB
172 KB 346ms
340ms Image
image/jpeg 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/home/slider/slider_image_2.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 751c09432383403a96eed0559d397ec896546a9ea75d8503fc1864af3379ff0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:14:53 GMT
server: Apache
accept-ranges: bytes
etag: "2b149-5fd339675f550"
content-length: 176457
content-type: image/jpeg

GET
H2 200 slider_image_3.jpg
www.grandturf.net/img/home/slider/ 201 KB
202 KB 346ms
340ms Image
image/jpeg 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/home/slider/slider_image_3.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 30600877b16ce9344201b810c93dbafce6805b015e0db197df7bef6cbac030e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:14:54 GMT
server: Apache
accept-ranges: bytes
etag: "3255d-5fd33969404c8"
content-length: 206173
content-type: image/jpeg

GET
H2 200 slider_image_4.jpg
www.grandturf.net/img/home/slider/ 221 KB
222 KB 346ms
340ms Image
image/jpeg 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/home/slider/slider_image_4.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: d764a47f3253e810636677ffbb7657b000b5cb3e13358b3f18b51712d706c444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:15:10 GMT
server: Apache
accept-ranges: bytes
etag: "37588-5fd3397814c32"
content-length: 226696
content-type: image/jpeg

GET
H2 200 prev.png
www.grandturf.net/img/home/slider/ 318 B
389 B 347ms
341ms Image
image/png 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/home/slider/prev.png
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: e584e05707bfaeefdcaab16c32e9ad2e810e979e84eda8081f150c32e4e14a81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:14:48 GMT
server: Apache
accept-ranges: bytes
etag: "13e-5fd33962cde00"
content-length: 318
content-type: image/png

GET
H2 200 next.png
www.grandturf.net/img/home/slider/ 317 B
388 B 346ms
341ms Image
image/png 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/home/slider/next.png
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 97fa4e008f0ef6cca41f8e68d3d6942a43e96a2b3769a47fb28bd5d2a1b22b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:14:46 GMT
server: Apache
accept-ranges: bytes
etag: "13d-5fd33960ea778"
content-length: 317
content-type: image/png

GET
H2 200 plat.jpg
www.grandturf.net/img/ 38 KB
38 KB 347ms
341ms Image
image/jpeg 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/plat.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 7159839ee5a3f86251db5cc4180f9c03b5f53bdf089adf64847abdae9a9f46d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:11:49 GMT
server: Apache
accept-ranges: bytes
etag: "999c-5fd338b82b5a5"
content-length: 39324
content-type: image/jpeg

GET
H2 200 attele.jpg
www.grandturf.net/img/ 57 KB
57 KB 346ms
341ms Image
image/jpeg 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/attele.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 18ac7fa3a1d70cf4d007655bb62dba10ba11a91394550443499608ae8710524d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:10:53 GMT
server: Apache
accept-ranges: bytes
etag: "e50f-5fd33883226b3"
content-length: 58639
content-type: image/jpeg

GET
H2 200 newyear.jpg
www.grandturf.net/img/ 573 KB
573 KB 352ms
347ms Image
image/jpeg 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/newyear.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 16a59550e64102cf0759a1a8fad173710a7fd9116a87bba42c4baae7b2a365df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:11:44 GMT
server: Apache
accept-ranges: bytes
etag: "8f333-5fd338b33aadd"
content-length: 586547
content-type: image/jpeg

GET
H2 200 PANORAMIC_130475_0011.jpg
www.turf-fr.com/images/file_actus/ 50 KB
50 KB 317ms
106ms Image
image/jpeg 194.146.226.159
ASN-NERIM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.turf-fr.com/images/file_actus/PANORAMIC_130475_0011.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.146.226.159 , France, ASN13193 (ASN-NERIM, FR),
Reverse DNS: turf-fr.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 45814f1905a66c9258f1bc70eb92be897e8835b46dee558691a54cb40064db94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Fri, 14 Jul 2023 11:45:57 GMT
server: Apache/2.4.25 (Debian)
etag: "c633-60070fdf0bcb6"
content-type: image/jpeg
cache-control: max-age=604800, *
accept-ranges: bytes
content-length: 50739
expires: Wed, 16 Aug 2023 12:30:38 GMT

GET
H/1.1 200
OK selections_place_gagnant.jpg
www.canalturf.com/interface/operations/ 29 KB
30 KB 259ms
120ms Image
image/jpeg 185.103.141.178
HEXATOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canalturf.com/interface/operations/selections_place_gagnant.jpg

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.103.141.178 , France, ASN51269 (HEXATOM, FR),

Reverse DNS

p178.x1.fr

Software

nginx/1.10.3 /

Resource Hash

1c9d28cd75f854886afe8de101404b9b8d0b5d52803910b57b6f24c8c03264e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 21 Jul 2023 10:12:19 GMT
Date: Mon, 17 Jul 2023 12:30:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 19 Feb 2018 15:01:06 GMT
Server: nginx/1.10.3
ETag: "756e-56591f6a19080"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=2
Content-Length: 30062
X-Proxy-Cache: HIT

GET
H2 200 module_webmaster.php Show response
www.zone-turf.fr/module/ 19 KB
3 KB 263ms
133ms Script
application/x-javascript 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 25242296b18a150c54cc6be8b9400ffe472da53d8d5a975f11f2c54a585b43d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
pragma: cache
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
x-varnish: 2256136390
cache-control: max-age=60
x-amz-cf-id: MiQQKQmAjdrmxfx9gidkp5Jd0qNreSLBZD3yhSLsHcOdMl0eyfnCxQ==
expires: Mon, 17 Jul 2023 12:31:38 GMT

GET
H2 200 grandturf.jpg
www.grandturf.net/img/ 61 KB
61 KB 364ms
359ms Image
image/jpeg 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/grandturf.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: b193abbbbf9d9deb34b76472a6009d6a615321e6f1a9a8f750584c2663612231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:11:06 GMT
server: Apache
accept-ranges: bytes
etag: "f468-5fd3388f3a2f3"
content-length: 62568
content-type: image/jpeg

GET iframe_sponsor.eur
www.allosponsor.com/cgi-bin/ 0
0

GET
H2 200 v=18cn8NT2h5ULswvFmTmrAfl6FPlgU.dJRSJOHtu-G6I_GA7331V2&aff_var_1= Show response
www.gambling-affiliation.com/cpm/ 339 B
476 B 372ms
229ms Script
application/javascript 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=18cn8NT2h5ULswvFmTmrAfl6FPlgU.dJRSJOHtu-G6I_GA7331V2&aff_var_1=
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache/2.4.39 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash: 6c3eb1288b2e86b9eb3b6e4e8c55e7e5db5ce79f54e20749d96a07022492b9f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
server: Apache/2.4.39 (Unix) PHP/5.6.40
x-powered-by: PHP/5.6.40
content-length: 339
content-type: application/javascript

GET
H2 200 v=n0AYZmWgb6GYPWJNRHC4YFbmIyDThI9muunAw7DWi3A_GA7331V2&aff_var_1= Show response
www.gambling-affiliation.com/cpm/ 339 B
477 B 323ms
181ms Script
application/javascript 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=n0AYZmWgb6GYPWJNRHC4YFbmIyDThI9muunAw7DWi3A_GA7331V2&aff_var_1=
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache/2.4.39 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash: 01975ad0a8a211800f8c0263e7f28f592fb4cbf904c204035d8331cc1dfd53ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:37 GMT
server: Apache/2.4.39 (Unix) PHP/5.6.40
x-powered-by: PHP/5.6.40
content-length: 339
content-type: application/javascript

GET
H2 200 paiement.png
www.grandturf.net/img/cart/ 191 KB
191 KB 411ms
406ms Image
image/png 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/cart/paiement.png
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: c2a18a74f4d3abcc47f7f7bd6b3c5914be3ded2a29e50ef428f4f619d4b48d14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:12:41 GMT
server: Apache
accept-ranges: bytes
etag: "2fa0c-5fd338e9eede2"
content-length: 195084
content-type: image/png

GET
H2 200 facebook.png
www.grandturf.net/img/news/ 315 KB
315 KB 411ms
406ms Image
image/png 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/news/facebook.png
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 03b6dc57b5409764d2aa5520ff946a90da2a6b6c32b170f1f350b503cc4005ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:14:11 GMT
server: Apache
accept-ranges: bytes
etag: "4eba7-5fd3393fd50ec"
content-length: 322471
content-type: image/png

GET
H2 200 arrivee.png
www.grandturf.net/img/ 50 KB
50 KB 415ms
411ms Image
image/png 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/arrivee.png
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 85346c55407f0447836033dd6cb44d90accba7533ed1ab646e7c750c1b1bcc33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:10:52 GMT
server: Apache
accept-ranges: bytes
etag: "c905-5fd3388199582"
content-length: 51461
content-type: image/png

GET topliens.gif
www.rapidoweb.free.fr/images/ 0
0

GET
H2 200 banner.gif
img.root-top.com/topsite/classement_general/ 4 KB
5 KB 176ms
60ms Image
image/png 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/classement_general/banner.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 821782
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJsOmrgY42YKjOwCS4a3KyVewnnX7mvElUmjxFjx3DaBeUXpqnQZuOBbCiu%2F%2FNRy6l03JtFv9DKWkEMqFtBc8YsNu7gMwKX5j4s7w2Y0adt%2B3O8Tv%2BZyT1yMT7Z1OdHx9pflTEeGwNLUJxG4SDXR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7e827f501c790892-LHR
alt-svc: h3=":443"; ma=86400
content-length: 4424

GET
H/1.1 200
OK best-fr-88x31.gif
www.best-fr.com/ 3 KB
3 KB 656ms
55ms Image
image/gif 46.105.249.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.best-fr.com/best-fr-88x31.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.249.221 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-46-105-249.eu
Software: Apache / PleskLin
Resource Hash: 6ba68603fc009fe9595202627c232d60bb24f8842d08013b0a1806447172ced3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 12:30:38 GMT
Last-Modified: Thu, 29 Aug 2013 23:30:05 GMT
Server: Apache
ETag: "a32-4e51e7c5b9940"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2610

GET
H/1.1

200
OK

button2.gif
www.ajoutezvotresite.com/images/
Redirect Chain

https://www.ajoutezvotresite.com/button.php?u=grandturf
https://www.ajoutezvotresite.com/images/button2.gif

829 B
1 KB

55ms
55ms

Image
image/gif

54.37.56.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ajoutezvotresite.com/images/button2.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: HTTP/1.1
Server: 54.37.56.116 , France, ASN16276 (OVH, FR),
Reverse DNS: ip116.ip-54-37-56.eu
Software: Apache / PleskLin
Resource Hash: 93f4f2e78870a1e1da1d5891afe1215857b0ba31124e06da83de52ac24f5eaa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 12:30:38 GMT
Last-Modified: Mon, 01 May 2017 04:30:20 GMT
Server: Apache
ETag: "33d-54e6ee18c5872"
X-Powered-By: PleskLin
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 829
Expires: Wed, 16 Aug 2023 12:30:38 GMT

Redirect headers

Date: Mon, 17 Jul 2023 12:30:38 GMT
Server: Apache
X-Powered-By: PHP/5.5.38, PleskLin
Content-Type: text/html
Location: https://www.ajoutezvotresite.com/images/button2.gif
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Mon, 17 Jul 2023 12:30:38 GMT

GET
H/1.1

200
OK

button.gif
www.classement.pro/images/
Redirect Chain

https://www.classement.pro/button.php?u=grandturf&buttontype=static
https://www.classement.pro/images/button.gif

3 KB
3 KB

55ms
55ms

Image
image/gif

46.105.249.222
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.classement.pro/images/button.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: HTTP/1.1
Server: 46.105.249.222 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-46-105-249.eu
Software: Apache / PleskLin
Resource Hash: c7b51b192c60e9a6a8b9187ef89ac37f6ab24ab65719f552f93e133421eab391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 12:30:38 GMT
Last-Modified: Thu, 29 Aug 2013 23:48:42 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2703
Expires: Wed, 16 Aug 2023 12:30:38 GMT

Redirect headers

Date: Mon, 17 Jul 2023 12:30:38 GMT
Server: Apache
X-Powered-By: PHP/5.6.40, PleskLin
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.classement.pro/images/button.gif
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Mon, 17 Jul 2023 12:30:38 GMT

GET
H2 200 logo.gif
www.turfsur.com/img/ 11 KB
11 KB 299ms
83ms Image
image/gif 193.37.145.64
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.turfsur.com/img/logo.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.37.145.64 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Thu, 25 May 2023 06:20:01 GMT
x-cache-key: https://www.turfsur.com/img/logo.gif
etag: "2cb9-5fc7e9c416567"
x-cache-status: BYPASS
content-type: image/gif
accept-ranges: bytes
content-length: 11449

GET
H2 200 gagnant-au-pmu_90_60.gif
gagnant-au-pmu.com/web_images/ 6 KB
6 KB 254ms
68ms Image
image/gif 2a00:7ee0:1:0:3:102:0:275
ADISTA-SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gagnant-au-pmu.com/web_images/gagnant-au-pmu_90_60.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:7ee0:1:0:3:102:0:275 , France, ASN16347 (ADISTA-SAS, FR),
Reverse DNS
Software: /
Resource Hash: 4879622d871597f08abd7431c087f31eadf30ed7a1c5f10ed6b7dfc1faea4fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 10 Nov 2012 14:30:48 GMT
x-cache-key: https://gagnant-au-pmu.com/web_images/gagnant-au-pmu_90_60.gif
etag: "1871-4ce24ea117600"
x-cache-status: BYPASS
vary: Host
content-type: image/gif
accept-ranges: bytes
content-length: 6257

GET
H/1.1

200
OK

plogo-gralon.gif
logo.gralon.net/
Redirect Chain

https://logo.gralon.net/plogo-gralon-201464.gif
https://logo.gralon.net/plogo-gralon.gif

8 KB
8 KB

54ms
54ms

Image
image/gif

2001:41d0:1008:1b95::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logo.gralon.net/plogo-gralon.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: HTTP/1.1
Server: 2001:41d0:1008:1b95::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8eb3393fdefbb4858cfd08a16826e254db919dd0b4778e72f5bb05b329212319

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 12:30:38 GMT
Last-Modified: Thu, 02 Jun 2016 19:25:14 GMT
Server: Apache
ETag: "1e17-5345090c3a20c"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7703

Redirect headers

Date: Mon, 17 Jul 2023 12:30:38 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: https://logo.gralon.net/plogo-gralon.gif
Cache-control: public, no-cache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1

GET
H2 200 logo1.gif
cplemaire.net/lien/ 1 MB
1 MB 1037ms
168ms Image
image/gif 173.225.100.28
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cplemaire.net/lien/logo1.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.225.100.28 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c1d0750b8b8eb37d85e4426f4c03be533467406d3f1deaf9b2fe0e2f38c2f770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
last-modified: Wed, 06 Jan 2021 22:45:30 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1412202
expires: Mon, 24 Jul 2023 12:30:39 GMT

GET
H/1.1 404
Not Found logo_cdn_200.jpg
www.choixdunet.fr/media/image/ 0
0 427ms
115ms Image
text/html 91.121.110.88
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.choixdunet.fr/media/image/logo_cdn_200.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.121.110.88 , France, ASN16276 (OVH, FR),
Reverse DNS: smtp.polydev.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 cheval2000.gif
www.cheval2000.com/ 10 KB
10 KB 232ms
60ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cheval2000.com/cheval2000.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 97a28ae68cc81fb5c061a3e15e3311aaa39ddbbc7e3289fbf35a2c8bcd29870b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 22 Jun 2021 15:47:25 GMT
server: Apache
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 9876
expires: Mon, 17 Jul 2023 12:45:38 GMT

GET
H2

200

banniere_88.31.gif
meilleurduweb.com/images/pub/
Redirect Chain

https://www.meilleurduweb.com/images/pub/banniere_88.31.gif
https://meilleurduweb.com/images/pub/banniere_88.31.gif

3 KB
3 KB

57ms
56ms

Image
image/gif

213.186.33.2
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meilleurduweb.com/images/pub/banniere_88.31.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Server: 213.186.33.2 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster002.ovh.net
Software: Apache /
Resource Hash: a1c21ce15fa88bb9908e133f0698132c766caeec2c4dda4ca7c0adf09f933e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Thu, 08 Dec 2011 20:02:53 GMT
server: Apache
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 2735
expires: Mon, 17 Jul 2023 12:45:38 GMT

Redirect headers

location: https://meilleurduweb.com/images/pub/banniere_88.31.gif
date: Mon, 17 Jul 2023 12:30:38 GMT
server: Apache
content-length: 263
content-type: text/html; charset=iso-8859-1

GET
H2 200 jquery-1.11.1.min.js Show response
www.grandturf.net/plugins/jquery/ 94 KB
94 KB 277ms
268ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/jquery/jquery-1.11.1.min.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:16 GMT
server: Apache
accept-ranges: bytes
etag: "17629-5fd6ba04aed83"
content-length: 95785
content-type: application/x-javascript

GET
H2 200 bootstrap.min.js Show response
www.grandturf.net/plugins/bootstrap/js/ 36 KB
36 KB 290ms
281ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/bootstrap/js/bootstrap.min.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:38 GMT
server: Apache
accept-ranges: bytes
etag: "90b5-5fd6ba1a54f31"
content-length: 37045
content-type: application/x-javascript

GET
H2 200 jquery.flexslider.js Show response
www.grandturf.net/plugins/flexslider/ 31 KB
31 KB 289ms
281ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/flexslider/jquery.flexslider.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: b18b6fdefec474ff891e9244d50d189eeb40fcaad7720ec6953f51b407ed5a7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:13 GMT
server: Apache
accept-ranges: bytes
etag: "7afa-5fd6ba020f71b"
content-length: 31482
content-type: application/x-javascript

GET
H2 200 jquery.themepunch.tools.min.js Show response
www.grandturf.net/plugins/rs-plugin/js/ 96 KB
96 KB 291ms
282ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/rs-plugin/js/jquery.themepunch.tools.min.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: bf47bc03c1c1ff93c041eb5a34e4c9471e4e64e0e0c672599f996fc7a972b119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:07:11 GMT
server: Apache
accept-ranges: bytes
etag: "180cf-5fd6ba3900ac0"
content-length: 98511
content-type: application/x-javascript

GET
H2 200 jquery.themepunch.revolution.min.js Show response
www.grandturf.net/plugins/rs-plugin/js/ 110 KB
111 KB 291ms
282ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/rs-plugin/js/jquery.themepunch.revolution.min.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 770f981d80f084f2d2271a8c751756449a11b5ccae8525459f6cb1d37ab89453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:07:10 GMT
server: Apache
accept-ranges: bytes
etag: "1b9f2-5fd6ba38f205f"
content-length: 113138
content-type: application/x-javascript

GET
H2 200 jquery.selectbox-0.1.3.min.js Show response
www.grandturf.net/plugins/selectbox/ 7 KB
7 KB 347ms
339ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/selectbox/jquery.selectbox-0.1.3.min.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 31b4235e4b23d8f123fdfaaab04eeb50c383b2accefca3dcc37d94accbdc4851

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:24 GMT
server: Apache
accept-ranges: bytes
etag: "1baa-5fd6ba0cffcb5"
content-length: 7082
content-type: application/x-javascript

GET
H2 200 jquery.magnific-popup.js Show response
www.grandturf.net/plugins/pop-up/ 28 KB
28 KB 343ms
335ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/pop-up/jquery.magnific-popup.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:19 GMT
server: Apache
accept-ranges: bytes
etag: "6e83-5fd6ba07cac25"
content-length: 28291
content-type: application/x-javascript

GET
H2 200 waypoints.min.js Show response
www.grandturf.net/plugins/animation/ 9 KB
9 KB 344ms
336ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/animation/waypoints.min.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:06 GMT
server: Apache
accept-ranges: bytes
etag: "2344-5fd6b9fb75f4e"
content-length: 9028
content-type: application/x-javascript

GET
H2 200 jquery.counterup.js Show response
www.grandturf.net/plugins/count-up/ 1 KB
1 KB 344ms
337ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/count-up/jquery.counterup.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 270e89af63a8fce509f53cb845165c2d2be251024d1cce7fa05f709081b12664

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:12 GMT
server: Apache
accept-ranges: bytes
etag: "587-5fd6ba00f1cb3"
content-length: 1415
content-type: application/x-javascript

GET
H2 200 wow.min.js Show response
www.grandturf.net/plugins/animation/ 8 KB
8 KB 344ms
336ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/animation/wow.min.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:07 GMT
server: Apache
accept-ranges: bytes
etag: "20df-5fd6b9fc2f81e"
content-length: 8415
content-type: application/x-javascript

GET
H2 200 moment.min.js Show response
www.grandturf.net/plugins/animation/ 50 KB
50 KB 344ms
337ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/animation/moment.min.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:06 GMT
server: Apache
accept-ranges: bytes
etag: "c909-5fd6b9fba93a2"
content-length: 51465
content-type: application/x-javascript

GET
H2 200 fullcalendar.min.js Show response
www.grandturf.net/plugins/calender/ 137 KB
138 KB 345ms
337ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/calender/fullcalendar.min.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 29fbac2ca97b945e65273877fa183aca2344ea2d0d00557cb8d896ad59fbf6ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:10 GMT
server: Apache
accept-ranges: bytes
etag: "225c9-5fd6b9fee4e17"
content-length: 140745
content-type: application/x-javascript

GET
H2 200 owl.carousel.js Show response
www.grandturf.net/plugins/owl-carousel/ 48 KB
48 KB 345ms
338ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/owl-carousel/owl.carousel.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 6dd89d351610fc9576fc7347a3748e4af9733c1b980512391a71909aec075c32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:17 GMT
server: Apache
accept-ranges: bytes
etag: "bf08-5fd6ba05e759d"
content-length: 48904
content-type: application/x-javascript

GET
H2 200 jquery.syotimer.js Show response
www.grandturf.net/plugins/timer/ 4 KB
4 KB 345ms
338ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/timer/jquery.syotimer.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 40f230de2ab6aaeb1c0af22b30a4c6036ccd8dae7363ac58908993fb9b74d39f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:29 GMT
server: Apache
accept-ranges: bytes
etag: "10ee-5fd6ba11a9aa8"
content-length: 4334
content-type: application/x-javascript

GET
H2 200 SmoothScroll.js Show response
www.grandturf.net/plugins/smoothscroll/ 11 KB
11 KB 345ms
338ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/smoothscroll/SmoothScroll.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: a36be1d1a71228a22884834595ab431e10c1384b4cdbbf600c45c76c0289e151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:29 GMT
server: Apache
accept-ranges: bytes
etag: "2b9b-5fd6ba1171834"
content-length: 11163
content-type: application/x-javascript

GET
H2 200 custom.js Show response
www.grandturf.net/js/ 8 KB
8 KB 346ms
339ms Script
application/x-javascript 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/js/custom.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: cbfbb0f0416e4a3c39f84f96a6423fe59d94baf83530dc6ab202d535de5c9564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:07:25 GMT
server: Apache
accept-ranges: bytes
etag: "1e5c-5fd6ba467ce40"
content-length: 7772
content-type: application/x-javascript

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 356 KB
123 KB 214ms
115ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6404002326578074&plah=www.grandturf.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6404002326578074

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a3218e68d2157c0812d1bbe9b0323bd8c08c567441e58098aad4685baefb7b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125349
x-xss-protection: 0
server: cafe
etag: 10044014819924466129
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 12:30:38 GMT

GET
H2 200 fontawesome-webfont3e6e.woff2
www.grandturf.net/plugins/font-awesome/fonts/ 75 KB
75 KB 186ms
185ms Font
application/octet-stream 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grandturf.net/plugins/font-awesome/fonts/fontawesome-webfont3e6e.woff2?v=4.7.0
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/plugins/font-awesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.grandturf.net/plugins/font-awesome/css/font-awesome.min.css
Origin: https://www.grandturf.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 06 Jun 2023 01:06:49 GMT
server: Apache
accept-ranges: bytes
etag: "12d68-5fd6ba24c1760"
content-length: 77160

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame F25E 10 KB
5 KB 151ms
46ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6404002326578074

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandturf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:36:21 GMT
etag: 12368291122986407432
expires: Mon, 31 Jul 2023 10:36:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
349 B 143ms
79ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=919716955901187&num=0&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fm-morin-52447.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 65ms
52ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/fm-morin-52447.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ec159e0fe7edb7af30169b929c9c9302707beb70463ac14d7d806bdc58585066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:25:28 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-backend: default
x-amz-cf-pop: FRA56-P2
age: 4249
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2227
last-modified: Sun, 16 Jul 2023 21:50:39 GMT
server: Apache
etag: "9d2d1354-8b3-600a1ac418666"
content-type: image/gif
x-varnish: 3035954840 3035529328
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: nwy3Bbp36oMs80HoE9jValJEldjCmCrTTdJUBrhyEUsagJaOr_VuBA==
expires: Thu, 20 Jul 2023 11:19:50 GMT

GET
H2 200 ec-pierre-levesque-23196.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 65ms
51ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/ec-pierre-levesque-23196.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b96a472a5b9f0564ae6910712794a463bb6d4b88b37270f084d0f3b80fd0dd81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:42:22 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 63457
x-cache: Hit from cloudfront
x-cache-hist: 99
alt-svc: h3=":443"; ma=86400
content-length: 2307
last-modified: Sun, 16 Jul 2023 14:50:42 GMT
server: Apache
etag: "9d21dcec-903-6009bce5ebf6e"
content-type: image/gif
x-varnish: 2255818079 2253147645
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: L1w738tJ8y-ZQ4HEZv_N57yZOq7Fz0X73cnBSp1HMVnxSU4TE4P-pg==
expires: Wed, 19 Jul 2023 18:53:01 GMT

GET
H2 200 ec-comte-p-de-montesson-45048.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 67ms
53ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/ec-comte-p-de-montesson-45048.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 0f1eb94c66f8d3f865ffb420e463dbe23de46daa480e2313ca284e42a5cf7054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:04:30 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 239350
x-cache: Hit from cloudfront
x-cache-hist: 198
alt-svc: h3=":443"; ma=86400
content-length: 2185
last-modified: Thu, 13 Jul 2023 21:48:41 GMT
server: Apache
etag: "9d23e813-889-600654ba7930f"
vary: Accept-Encoding
x-varnish: 2254357802 2241196439
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: H_1JoFpUyDQqt1pfZq8BDYcPEATWfMguaJVtRdcQjLsiadlj6LJv_g==
expires: Mon, 17 Jul 2023 18:01:28 GMT

GET
H2 200 ec-du-haras-du-haras-d-erable-1678.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 66ms
52ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/ec-du-haras-du-haras-d-erable-1678.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7854853821360fe40e77cfa2f4ad1b210ef81b81914f4a9e8a75bfe407d7ba5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:35:21 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 54329
x-cache: Hit from cloudfront
x-cache-hist: 72
alt-svc: h3=":443"; ma=86400
content-length: 2486
last-modified: Sun, 16 Jul 2023 14:50:43 GMT
server: Apache
etag: "9d3f2346-9b6-6009bce6823a7"
content-type: image/gif
x-varnish: 2255783090 2253515579
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: KPTyOU0ZUguUBAAoBNlRZhnwkxXEOEWUkkVA8lq66nn9BrzfICrfXg==
expires: Wed, 19 Jul 2023 21:25:09 GMT

GET
H2 200 ec-victo-339424.gif
www.zone-turf.fr/media/picture/casaque/ 1 KB
2 KB 66ms
52ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/ec-victo-339424.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ab7a06cdce34d5913c5b3db7a1570e87f6b59ec8fd29780e06ec8f6bc45a3055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:35:52 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-backend: default
x-amz-cf-pop: FRA56-P2
age: 136370
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1506
last-modified: Sat, 15 Jul 2023 22:02:25 GMT
server: Apache
etag: "9d67f885-5e2-6008db8735ecb"
vary: Accept-Encoding
x-varnish: 3034961367 3028533103
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: i-HZS9nUpCw84x-cZROYuao6g4xfjvddNB8SsCaQsX19LHM5MJGFXg==
expires: Tue, 18 Jul 2023 22:37:48 GMT

GET
H2 200 ec-jean-paul-marmion-68.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 73ms
59ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/ec-jean-paul-marmion-68.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 421f1dd0dccf088fdba166a7d41b1d11b71074389b7a5ffc329c6f438a7321d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:15:43 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-backend: default
x-amz-cf-pop: FRA56-P2
age: 60098
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2356
last-modified: Sun, 16 Jul 2023 14:50:43 GMT
server: Apache
etag: "9d2c2be4-934-6009bce6ff39a"
x-varnish: 3035500430 3033144865
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: QgR0v_HUM-U44EBhRF3928LwiQ9wxc3EUDhAoNxpnnsF-Qk6UArTvg==
expires: Wed, 19 Jul 2023 19:49:00 GMT

GET
H2 200 ec-des-contrelles-570162.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 67ms
53ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/ec-des-contrelles-570162.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9bd0ba76a6a64e852bd112aed04e200cb292cf92167b4ce097ae3bfe0e4d9a0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:42:32 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-backend: default
x-amz-cf-pop: FRA56-P2
age: 79671
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2439
last-modified: Sat, 15 Jul 2023 22:02:25 GMT
server: Apache
etag: "9db7927f-987-6008db87961d7"
vary: Accept-Encoding
x-varnish: 3034736443 3031670845
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: cZQ2iWsD1L3j2V42OBw9sxewv2Ks-8eAhj2bsDGF0-7EldfzgRcbyw==
expires: Wed, 19 Jul 2023 14:22:47 GMT

GET
H2 200 d-bethouart-3726.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 70ms
57ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/d-bethouart-3726.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: cf79ca07357134736bcd7e7d5182eaa509577ff4fea70d1b6fe0c418384f54bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:04:30 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-backend: default
x-amz-cf-pop: FRA56-P2
age: 218830
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2446
last-modified: Sun, 18 Jun 2023 21:48:41 GMT
server: Apache
etag: "9d2063a3-98e-5fe6e61a177fa"
vary: Accept-Encoding
x-varnish: 3034083358 3026360944
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: gRrI2SsZ0LJKzJIYFjve6lV_-42c-MBrGncYaPxhykk4K7xVGhH-Jw==
expires: Mon, 17 Jul 2023 23:43:27 GMT

GET
H2 200 p-leveille-142454.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
2 KB 66ms
53ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/p-leveille-142454.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 44e4a28b71fa99bc5d4220ec68ee2044c8c5824254b1c9d2a11add736f7ca6cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:04:30 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-backend: default
x-amz-cf-pop: FRA56-P2
age: 66522
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1951
last-modified: Sun, 16 Jul 2023 14:50:44 GMT
server: Apache
etag: "9d3d75f2-79f-6009bce795daa"
vary: Accept-Encoding
x-varnish: 3035435527 3032877675
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: KYSswcFqh1PaW0H-ltqSfLW7zs5dEfJXtnoW0GYprdvxAgt-MwYTmw==
expires: Wed, 19 Jul 2023 18:01:56 GMT

GET
H2 200 mme-s-loncke-184662.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 68ms
55ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/mme-s-loncke-184662.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6dc80ef72dbaa654bff29bff176d8fa881b6d87b508a432a6f467cae80b9a77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:04:23 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 227669
x-cache: Hit from cloudfront
x-cache-hist: 199
alt-svc: h3=":443"; ma=86400
content-length: 2358
last-modified: Sat, 01 Jul 2023 21:51:08 GMT
server: Apache
etag: "9d33eeac-936-5ff73ee53a4f2"
content-type: image/gif
x-varnish: 2255955790 2243181206
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: saPcPrIt0rmx8lMzJQRlVJRSPBrPcCmeHBqVbplX1CaSTprrnRJ71Q==
expires: Mon, 17 Jul 2023 21:16:10 GMT

GET
H2 200 ec-victoria-victoria-dreams-81015.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 111ms
98ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/ec-victoria-victoria-dreams-81015.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: bf9687b17cd209ce5915274a723855aa6d99a0f8a4e2f80786418f024ad74bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:04:30 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-backend: default
x-amz-cf-pop: FRA56-P2
age: 236841
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2341
last-modified: Thu, 13 Jul 2023 21:50:40 GMT
server: Apache
etag: "9d237278-925-6006552c35de6"
vary: Accept-Encoding
x-varnish: 3034083359 3022486632
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: 1QedNH7fXjzG3DoJ5IK_iaRF9ctzxp4Am1R2AuFi74F_J4r8zIYqdA==
expires: Mon, 17 Jul 2023 18:43:17 GMT

GET
H2 200 h-le-bec-47376.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
2 KB 113ms
100ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/h-le-bec-47376.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2020b560cf20d80970e31a53aa8869200bd0d172a6df95d15fa77af33510f011

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:35:49 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-backend: default
x-amz-cf-pop: FRA56-P2
age: 57351
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1972
last-modified: Sun, 16 Jul 2023 14:50:44 GMT
server: Apache
etag: "9d395139-7b4-6009bce809d18"
vary: Accept-Encoding
x-varnish: 3034144704 3033051637
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: 3QjR_YdhO_eV5qtxRsxNvyNQ2oARWjW9ECg2GTAs8HYtwxjNnUNIjg==
expires: Wed, 19 Jul 2023 20:34:47 GMT

GET
H2 200 ec-cheffreville-35430.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 115ms
103ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/ec-cheffreville-35430.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 51c59f06c12f218cb47767488c058197ddf375dadc2f1f3c6dd9db977b3b8a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:45:47 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 91238
x-cache: Hit from cloudfront
x-cache-hist: 114
alt-svc: h3=":443"; ma=86400
content-length: 2446
last-modified: Sat, 15 Jul 2023 22:02:26 GMT
server: Apache
etag: "9d3f24c2-98e-6008db88c1e96"
vary: Accept-Encoding
x-varnish: 2255478977 2250519328
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: fpZ5dx2WvYvX6bgSFWKBK9tXLDlMV0nbdF5bDinqesbEgmTEYWizfw==
expires: Wed, 19 Jul 2023 11:10:01 GMT

GET
H2 200 p-grumetz-35671.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 112ms
99ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/p-grumetz-35671.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 209ab0f60c166bf286b93e888503c2c2c399d4936888a27a2b6f12e150661e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:39:23 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 89676
x-cache: Hit from cloudfront
x-cache-hist: 115
alt-svc: h3=":443"; ma=86400
content-length: 2312
last-modified: Sat, 15 Jul 2023 22:02:26 GMT
server: Apache
etag: "9d35b833-908-6008db88d2c33"
vary: Accept-Encoding
x-varnish: 2255439265 2250664437
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: fffiRjqdIbqd5VLil9u2r9WD_Wkt3sm9vwkflSHTQsqh6-QQEgSvCw==
expires: Wed, 19 Jul 2023 11:36:02 GMT

GET
H2 200 ec-rene-kergueris-69835.gif
www.zone-turf.fr/media/picture/casaque/ 2 KB
3 KB 114ms
101ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/ec-rene-kergueris-69835.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 48f4ae01fcfe3a8b73fc1f4d4525d607b0c4372b514b921d620abe6306d56404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:04:13 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-backend: default
x-amz-cf-pop: FRA56-P2
age: 90584
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2299
last-modified: Sat, 15 Jul 2023 22:02:26 GMT
server: Apache
etag: "9d3ee84d-8fb-6008db88dd801"
content-type: image/gif
x-varnish: 3035803935 3030491419
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: j3KbGjSoO6wa7jmBZ9OWgw3dCndRmN6WbTkJESV4mC4isBKHKbSW5w==
expires: Wed, 19 Jul 2023 11:20:53 GMT

GET
H2 200 o-ponzio-226678.gif
www.zone-turf.fr/media/picture/casaque/ 3 KB
3 KB 116ms
104ms Image
image/gif 18.66.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zone-turf.fr/media/picture/casaque/o-ponzio-226678.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-18.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: f0d9db5390161cf9f92b3e3477facd030c03d3c2e9bb04114256e19e65d4fbb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:49:37 GMT
via: 1.1 varnish, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 207818
x-cache: Hit from cloudfront
x-cache-hist: 164
alt-svc: h3=":443"; ma=86400
content-length: 2583
last-modified: Fri, 07 Jul 2023 21:50:42 GMT
server: Apache
etag: "9d345424-a17-5ffec9fce5648"
vary: Accept-Encoding
x-varnish: 2255503646 2243780203
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
x-amz-cf-id: Govn21cbpGSMpaOR2ijiBNnpqam1OFCodGBH8MLGATc2FzCGPmKplA==
expires: Tue, 18 Jul 2023 02:47:00 GMT

GET
H2 200 007.png
www.grandturf.net/img/patterns/ 61 KB
61 KB 145ms
134ms Image
image/png 185.176.40.222
ZETTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grandturf.net/img/patterns/007.png
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.176.40.222 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software: Apache /
Resource Hash: 42cfbd9f467e46a5e814dc36a10476d6c3ed4f1d6461882c4889de8d160da3cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Sat, 03 Jun 2023 06:14:35 GMT
server: Apache
accept-ranges: bytes
etag: "f4e5-5fd3395721889"
content-length: 62693
content-type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 154ms
45ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,600italic,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.grandturf.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 216534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 00:21:44 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/ 34 KB
34 KB 223ms
114ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.grandturf.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 13:31:14 GMT
x-content-type-options: nosniff
age: 169164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34432
x-xss-protection: 0
last-modified: Tue, 02 May 2023 17:01:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 13:31:14 GMT

GET
H2 200 54290.jpg
static.gambling-affiliation.com/uploads/ads/ 169 KB
169 KB 403ms
107ms Image
image/jpeg 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/54290.jpg
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: b892c6d9e157522789e1d17b0f6906f0caad804432f16290b094c4a2de43b8a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Wed, 19 May 2021 07:04:47 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "60a4b88f-2a2f1"
content-length: 172785
content-type: image/jpeg

GET
H2 200 61269.gif
static.gambling-affiliation.com/uploads/ads/ 704 KB
704 KB 207ms
109ms Image
image/gif 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/61269.gif
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: e569c5845cd53e6362ca2400126373379989ea0bd9431fdc51dde95686295c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
last-modified: Tue, 27 Sep 2022 14:50:11 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "63330da3-afe34"
content-length: 720436
content-type: image/gif

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 49 KB
49 KB 122ms
122ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,600italic,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.grandturf.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 12:23:10 GMT
x-content-type-options: nosniff
age: 173248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:13:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 12:23:10 GMT

GET
H2 200 script.js Show response
widgets.getsitecontrol.com/46851/ 52 B
863 B 412ms
157ms Script
text/javascript 2400:52e0:1e00::1076:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getsitecontrol.com/46851/script.js
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/js/custom.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1076 /
Resource Hash: 54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
content-encoding: br
cdn-edgestorageid: 874
x-amz-request-id: X31FYS807J08W4GF
cdn-cachedat: 02/22/2023 20:45:08
cdn-pullzone: 44619
x-amz-id-2: ZM56/YBjFGE69kgH0YFa8C2oTFAWQlfOoDGqFodmcflefSUvNVnxpO8wNlsK2d/SLWysfpEFhBI=
last-modified: Tue, 04 Jun 2019 14:09:16 GMT
server: BunnyCDN-DE1-1076
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"f31a420d9c1c5d1412ff8037cdefc346"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
cdn-requestid: dd1361506d0d21a88dc0e4d17b48dac1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 145ms
45ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/js/custom.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Jul 2023 10:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6919
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 17 Jul 2023 12:35:19 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 156ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.grandturf.net&callback=_gfp_s_&client=ca-pub-6404002326578074

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6404002326578074&plah=www.grandturf.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf624f7aafb862c1b27b7ee25eabf4b30bc1a1988c46c5c08116bd7f6033cb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 161ms
54ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.grandturf.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E19 27 KB
6 KB 230ms
229ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&adk=1812271804&adf=3025194257&lmt=1689597038&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fwww.grandturf.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038240&bpp=24&bdt=300&idt=370&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4896509340721&frm=20&pv=2&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=397

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c86d8e19630fce6d91734cec5dc887a52909d9bfa3e5e90171536238e5852a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandturf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 6011
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:38 GMT
expires: Mon, 17 Jul 2023 12:30:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF70 430 B
427 B 180ms
179ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=1213588912&adf=1119259538&pi=t.aa~a.202848852~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=1200x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038264&bpp=2&bdt=325&idt=378&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pbSWHUyTEb&p=https%3A//www.grandturf.net&dtd=381

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0730d4657116a89ac0f27b8878c74d1a074410933d6742e240d2ec1031841faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandturf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:38 GMT
expires: Mon, 17 Jul 2023 12:30:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 53ms
52ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1598999568&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grandturf.net%2F&ul=en-us&de=UTF-8&dt=GrandTurf%20-%20Pronostics%20et%20Analyses%20Quint%C3%A9%2B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=546229428&gjid=745091048&cid=529683509.1689597039&tid=UA-71155940-1&_gid=1956226854.1689597039&_r=1&_slc=1&z=2070823825

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

bcfc5ff664aefd9655eeed25e79426054df2ec19afe1fdb3936f560a74e21efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandturf.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandturf.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 166ms
65ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PMEZ0XHEC4&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6dbf07f81c3ff950a255dd738d854df5b43f72eb0b07ad5e95c3ed8ebc2325c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79739
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Jul 2023 12:30:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 81ms
81ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=1213588912&adf=1119259538&fmt=1200x280&str=false&ad_y=867.578125&vph=1200&r_nh=0&r_ifr=true&qid=CIS0uLrflYADFR9mFQgd6KoHgA&w=1200&h=280&err=1&url=https%3A%2F%2Fwww.grandturf.net%2F&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=0&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 91ms
82ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=1&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 93ms
84ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=2&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
85ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=3&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
85ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=4&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
85ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=5&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
86ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=6&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
86ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=7&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
86ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=8&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
87ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=9&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
86ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=10&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
87ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=11&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 96ms
87ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=12&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
87ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=13&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 96ms
88ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=14&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 96ms
87ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=15&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 96ms
88ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=16&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 96ms
88ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=883697055407149&num=17&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 98ms
90ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=0&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 133ms
124ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=1&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 134ms
125ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=2&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 132ms
124ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=3&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 133ms
125ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=4&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 135ms
127ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=5&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 136ms
128ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=6&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 134ms
126ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=7&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 136ms
128ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=8&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 135ms
127ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=9&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 138ms
130ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=10&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 140ms
132ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=11&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 138ms
130ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=12&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 136ms
128ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=13&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 164ms
156ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=14&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 137ms
129ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=15&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 136ms
129ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=174071532665550&num=16&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 135ms
127ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=0&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 136ms
128ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=1&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 164ms
156ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=2&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 162ms
155ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=3&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 137ms
129ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=4&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 164ms
157ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=5&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 138ms
131ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=6&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 164ms
156ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=7&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 164ms
157ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=8&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 137ms
130ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=9&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 137ms
130ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=10&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 139ms
131ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=11&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 153ms
146ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=12&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 186ms
179ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=13&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 161ms
154ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=14&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 260ms
253ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=767160113216164&num=15&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 261ms
253ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=126695171006900&num=0&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 263ms
255ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=126695171006900&num=1&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 263ms
255ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=126695171006900&num=2&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 265ms
257ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=218406135022671&num=0&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 262ms
254ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=218406135022671&num=1&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 263ms
255ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=218406135022671&num=2&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 261ms
253ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=218406135022671&num=3&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 263ms
255ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=189912182833204&num=0&dvc=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 62ms
54ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.grandturf.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44D0 46 KB
17 KB 544ms
543ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2245347198&adf=931991694&pi=t.aa~a.1202816626~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280&nras=3&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sY4ZWQMn01&p=https%3A//www.grandturf.net&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b7c556ac47cd35887108e0b5ab0b353c316b33830c345d45aa96d1291b6f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandturf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16888
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:39 GMT
expires: Mon, 17 Jul 2023 12:30:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2E1 46 KB
17 KB 773ms
773ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2692089315&adf=1695447792&pi=t.aa~a.2665873805~rp.1&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=969&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280&nras=4&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=N6SVaiDgmu&p=https%3A//www.grandturf.net&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73a60fac0d7c3733fe6d3ac9ef1d0f9d04eeb5237996cfa78624d67dd0abb408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandturf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16879
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:39 GMT
expires: Mon, 17 Jul 2023 12:30:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F1C 430 B
232 B 201ms
200ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=940430000&adf=118710933&pi=t.aa~a.474041843~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=1140x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280%2C360x280&nras=5&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3893&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iTAfBo2j0I&p=https%3A//www.grandturf.net&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

833d1cdd964ca2261a748ca48168f394eff2cc4af48dca884f7c6fb4a277f65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandturf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:39 GMT
expires: Mon, 17 Jul 2023 12:30:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 034E 430 B
233 B 585ms
585ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=240&adk=343766305&adf=3891162701&pi=t.aa~a.1910253705~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=263x240&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=969&idt=1&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280%2C360x280%2C1140x280&nras=6&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=vGeR0REqLs&p=https%3A//www.grandturf.net&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc155d5be919d0f7e5f20d8eb80dec6949a9aecf325971848c7375a6df179805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.grandturf.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:39 GMT
expires: Mon, 17 Jul 2023 12:30:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 239ms
239ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=6&wpc=ca-pub-6404002326578074&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230712_103852&sat=1689360641150&afm=0&as_count=0&d_count=0&ng_count=0&am_count=6&atf_count=1&mdns=0&alldns=0.270&allp=50&fd=(0%2C27%2C18)%2C(1%2C2%2C0)%2C(2%2C0%2C0)&pgh=5927&abl=false&rr=n&su=www.grandturf.net&pvc=3531930351038728&r=0.1&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 155ms
52ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PMEZ0XHEC4&gtm=45je37c0&_p=1598999568&ul=en-us&sr=1600x1200&cid=529683509.1689597039&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&dl=https%3A%2F%2Fwww.grandturf.net%2F&dt=GrandTurf%20-%20Pronostics%20et%20Analyses%20Quint%C3%A9%2B&sid=1689597039&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMEZ0XHEC4&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandturf.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=940430000&adf=118710933&fmt=1140x280&str=true&ad_y=3892.5625&vph=1200&r_nh=0&r_ifr=true&qid=CMm8ybrflYADFZZdFQgdaAAGdw&w=1140&h=280&nh=0&rsz=%7C%7CeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fwww.grandturf.net%2F&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 14B5 2 KB
3 KB 188ms
76ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jpz36y62n8twzxrsqbd5x96wbnysx9kp039q4p8eyghq6fks1qq0ty2edc8d536zere64dmn85mdzh38fbhea05knec19xyhbd3adbcjdt195f4tjskd5t3kqakm10fc1zj27df34atns6hq56vbhwf6es4y5p6y8y40df1eswzkygbmbey3np3zhc9yyac3zx4s01k28ba21tpaj8d8dwqdhgc5stanpfv1tgwnb3jqptb1r45ghny7d9ryx39xj18p5f7dev5x7ffmxp8xchtk0v8jkye70tkbv5nkg6gzb4586cftfvryb2f440ynw0dv2xrqrxj01sana6y89rtj1nbbvp4126avgyd2ek7bkhkwm2yrjyzbg76zvrdprtzgexv0h2w4xefqrc0h51gq58g2svdqkdr9a3q0rc4y40jvsqxqbfyqa2yrqmyha0w2zvnsatg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%26client%3Dca-pub-6404002326578074%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2245347198&adf=931991694&pi=t.aa~a.1202816626~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280&nras=3&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sY4ZWQMn01&p=https%3A//www.grandturf.net&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3537ba09f3a62d0b6646b6455a3995112a0573d66e7767bffd4435890d26c7e7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e827f59ae773665-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:39 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 587F 3 KB
1 KB 163ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 09:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:13:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2EFB 1 KB
643 B 46ms
45ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Mon, 17 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 587F 20 KB
9 KB 156ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 587F 0
0 153ms
53ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaDr4A_84txKhCSymV3VctyezgmUdg3J5eks9Y1HbOUKA0gSLuJ6MX8sEd2oRwaULPKKK6P3PiYIH1RiaN-INW04FLKQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2245347198&adf=931991694&pi=t.aa~a.1202816626~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280&nras=3&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sY4ZWQMn01&p=https%3A//www.grandturf.net&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 587F 179 KB
56 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 12:30:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 80ms
79ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=343766305&adf=3891162701&fmt=263x240&str=true&ad_y=3947.5625&vph=1200&r_nh=0&r_ifr=true&qid=CNj7zbrflYADFQfEZAodm5EAAg&w=263&h=240&nh=0&rsz=%7C%7CeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fwww.grandturf.net%2F&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441

Requested by

Host: www.grandturf.net
URL: https://www.grandturf.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.grandturf.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2EFB
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN0I694jySwu5HLO-3za_ek&google_cver=1&google_push=AaAOQGHfuXr9TZbW2fOrOswQ8cxqpBBtqDwPrpPgjgeOmxtJOIGmG3PXYPYFYDS5ONOIBTjhghFNQuH4_po2nUk3rcq1ioK-rEq1p...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODAwMTcxNzE3ODU1NjQ3OTA3OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFAUzUScZN6j93sTHeHD8jg&google_cver=1

43 B
398 B

99ms
51ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFAUzUScZN6j93sTHeHD8jg&google_cver=1
Requested by: Host: www.grandturf.net
URL: https://www.grandturf.net/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFAUzUScZN6j93sTHeHD8jg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2EFB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKIBl6cdqbWGmpBrPLahYSw&google_push=AaAOQGFCRk7hg3YDonWKj52A7imPzqTleFRdLHYRC3MWuiFEZLy872EJbA...

170 B
232 B

57ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKIBl6cdqbWGmpBrPLahYSw&google_push=AaAOQGFCRk7hg3YDonWKj52A7imPzqTleFRdLHYRC3MWuiFEZLy872EJbAqGkyFSeu_0r06Sx0GjUUg1HaSfBYil0neFnAP8TtjJxSy184VMo1gHn64QTzmFu_0IWCiicK8YRtYXQttNiDFVcsQQkoaSl9ew_6Q

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1689597040.688907,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKIBl6cdqbWGmpBrPLahYSw&google_push=AaAOQGFCRk7hg3YDonWKj52A7imPzqTleFRdLHYRC3MWuiFEZLy872EJbAqGkyFSeu_0r06Sx0GjUUg1HaSfBYil0neFnAP8TtjJxSy184VMo1gHn64QTzmFu_0IWCiicK8YRtYXQttNiDFVcsQQkoaSl9ew_6Q
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2EFB 0
187 B 179ms
51ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMTQEOkoc_hbrLPatlB3a8U&google_cver=1&google_push=AaAOQGHz1KnitakCIPSARQaQR66D-FXEUKmS5vVRix4ymAR30qTiAqDdyXtNH1a2rUExU0u6gY077rZqi8r-rkE47M_UIVp78j9gYkT4wcPy1Ckhlek3OFn-ysHcG_lKMPGuUtrZ4g8lAAaJEuTSnvnR3GYfZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2245347198&adf=931991694&pi=t.aa~a.1202816626~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280&nras=3&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sY4ZWQMn01&p=https%3A//www.grandturf.net&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 2EFB 43 B
146 B 270ms
46ms Image
image/gif 52.58.212.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPSaVJ5wgpGJihpbb2lEEZA&google_cver=1&google_push=AaAOQGEJwfEBVg6oIXPiIOsQu7VZERbn7SFdrL8jsczUXSkfagNB10KFatO0N5cK6TzaSrY2iae9N7xxSLaE13f0saqPrXCyINOXHrcK5jQT0rX415LJMGBDG_zLzRR8viBxtylkv_pSbCo7v2iMpNiJsnF9Itk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2245347198&adf=931991694&pi=t.aa~a.1202816626~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280&nras=3&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sY4ZWQMn01&p=https%3A//www.grandturf.net&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.212.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-212-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2EFB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAM2uLsyEFu8GmFuK3K48zM&google_cver=1&google_push=AaAOQGGgnR9tX4JDR2gfxCrOyrNAQ6hhxF2JnTBa_0ZDSi_DoDwOrGXLO6FTMxbYLYCgx3AJbWhJjhrX...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAM2uLsyEFu8GmFuK3K48zM&google_cver=1&google_push=AaAOQGGgnR9tX4JDR2gfxCrOyrNAQ6hhxF2JnTBa_0ZDSi_DoDwOrGXLO6FTMxbYLYCgx3AJbWh...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMTYyNzcyNTE3NDA2MTM0OQ&google_push=AaAOQGGgnR9tX4JDR2gfxCrOyrNAQ6hhxF2JnTBa_0ZDSi_DoDwOrGXLO6FTMxbYLYCgx3AJbWhJjh...

170 B
232 B

57ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMTYyNzcyNTE3NDA2MTM0OQ&google_push=AaAOQGGgnR9tX4JDR2gfxCrOyrNAQ6hhxF2JnTBa_0ZDSi_DoDwOrGXLO6FTMxbYLYCgx3AJbWhJjhrXVGNPhtu4rBUn6ntFYZp-0l5zDD77JQGoSEMCUtz3Ci2TrFqPyDPiOw1A-kbN6uEQFO1WySYcGgTQtQ

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMTYyNzcyNTE3NDA2MTM0OQ&google_push=AaAOQGGgnR9tX4JDR2gfxCrOyrNAQ6hhxF2JnTBa_0ZDSi_DoDwOrGXLO6FTMxbYLYCgx3AJbWhJjhrXVGNPhtu4rBUn6ntFYZp-0l5zDD77JQGoSEMCUtz3Ci2TrFqPyDPiOw1A-kbN6uEQFO1WySYcGgTQtQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2EFB
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEB3tBtmWAnXD05gUFYy9Skw&google_cver=1&google_push=AaAOQGGUHo2mMCL-UQqdTRpI028-Q3tWOIfbp3SRPbicTLVY64bQkVIAOGLWCiAB5D...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGGUHo2mMCL-UQqdTRpI028-Q3tWOIfbp3SRPbicTLVY64bQkVIAOGLWCiAB5Delb6qEiYW1R3a8a-XP899OfKRj_Y1K9Cl6M09IHNIJzdvu-C...

170 B
329 B

56ms
56ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGGUHo2mMCL-UQqdTRpI028-Q3tWOIfbp3SRPbicTLVY64bQkVIAOGLWCiAB5Delb6qEiYW1R3a8a-XP899OfKRj_Y1K9Cl6M09IHNIJzdvu-CncLy5pb4gV2PD2NzKhFtgQ8WGXIt5fyRV_8Vyb8yNVKs8&google_hm=oKVbDtQ9Tn-p88a_68CSSGk

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGGUHo2mMCL-UQqdTRpI028-Q3tWOIfbp3SRPbicTLVY64bQkVIAOGLWCiAB5Delb6qEiYW1R3a8a-XP899OfKRj_Y1K9Cl6M09IHNIJzdvu-CncLy5pb4gV2PD2NzKhFtgQ8WGXIt5fyRV_8Vyb8yNVKs8&google_hm=oKVbDtQ9Tn-p88a_68CSSGk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 2EFB
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAqq46UXDCY8...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEEs7PiA0Hqw_NO-Wu_h9dmReQJ3KdNqiW9_xLEcjqcciMf6wdOrCQpICUuJBgKsV-X_YdwEp1awod3KFiwaxuHcvgPV0MRNsQkQN93DoEA6_CtR...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

72ms
72ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2245347198&adf=931991694&pi=t.aa~a.1202816626~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280&nras=3&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sY4ZWQMn01&p=https%3A//www.grandturf.net&dtd=16
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Mon, 17 Jul 2023 12:30:39 GMT
pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2EFB 0
139 B 174ms
53ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9V12-ePmKhx3x7gtssvPiYEFrQZ9qPG70j9vF91b3OdWTrNIs3Eq7a10BX7A04PhRsX7FBV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 587F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d7eab005f4e31417ef805f0cd01dc89230f75177e88c427c20b6cbb39204cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 587F 0
19 B 89ms
89ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C08cPbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgToAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKpvHBL1Ly--Zy37Ha295_7mHUvM9MzscUvk9Rui_F0H689u15Qr9-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NDA0MDAyMzI2NTc4MDc0GAA&sigh=uc3QIq35pOE&uach_m=[UACH]&cid=CAQSPABpAlJWPNj_jH5ztEfkc57syjhoK4nIkrDwoHqValxX_DTys714oGddJQ0pBONOPEXzFblf4DtQvC4CsBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2245347198&adf=931991694&pi=t.aa~a.1202816626~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280&nras=3&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sY4ZWQMn01&p=https%3A//www.grandturf.net&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Jul 2023 12:30:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 587F 0
103 B 165ms
55ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h8fc5gzzv208mc8hde5pwcp4kchdxn85s1he85fnvz2604n7y5japas9rqv7x3t3swqnym06rm7426mpcrxcp2k9tyx1w3b1mmphgyptvtkm0tx8t23a3q5hjvk3tdey678z90t18wtqh2p64gppmk2rc62w6bnm7wxstg7xevf4qw9pmsyq1de7m38q5j9hanqgsqfzwq9we4d5psvdabc9qtvq2xg9dtq4rx6ave5a1e136a7c6v8ddyf9c6hke1qtbwezpetwch0xspbc62ddd4fchbjhzfayep3qt26mf9b50befhszypzh64f06tcsrh93zbv17hg20wzd16jt38qb93zd27qrs2cpp2qxw4dxwqwtzeaxb17yb66dmcd2n3md37m57q78&b=ZLU0bwAAoEMKW9PUAA2AXYptKRXewZ36BbhDvQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2245347198&adf=931991694&pi=t.aa~a.1202816626~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=968&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280&nras=3&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sY4ZWQMn01&p=https%3A//www.grandturf.net&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 17 Jul 2023 12:30:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 14B5 114 KB
14 KB 59ms
59ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpz36y62n8twzxrsqbd5x96wbnysx9kp039q4p8eyghq6fks1qq0ty2edc8d536zere64dmn85mdzh38fbhea05knec19xyhbd3adbcjdt195f4tjskd5t3kqakm10fc1zj27df34atns6hq56vbhwf6es4y5p6y8y40df1eswzkygbmbey3np3zhc9yyac3zx4s01k28ba21tpaj8d8dwqdhgc5stanpfv1tgwnb3jqptb1r45ghny7d9ryx39xj18p5f7dev5x7ffmxp8xchtk0v8jkye70tkbv5nkg6gzb4586cftfvryb2f440ynw0dv2xrqrxj01sana6y89rtj1nbbvp4126avgyd2ek7bkhkwm2yrjyzbg76zvrdprtzgexv0h2w4xefqrc0h51gq58g2svdqkdr9a3q0rc4y40jvsqxqbfyqa2yrqmyha0w2zvnsatg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%26client%3Dca-pub-6404002326578074%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jpz36y62n8twzxrsqbd5x96wbnysx9kp039q4p8eyghq6fks1qq0ty2edc8d536zere64dmn85mdzh38fbhea05knec19xyhbd3adbcjdt195f4tjskd5t3kqakm10fc1zj27df34atns6hq56vbhwf6es4y5p6y8y40df1eswzkygbmbey3np3zhc9yyac3zx4s01k28ba21tpaj8d8dwqdhgc5stanpfv1tgwnb3jqptb1r45ghny7d9ryx39xj18p5f7dev5x7ffmxp8xchtk0v8jkye70tkbv5nkg6gzb4586cftfvryb2f440ynw0dv2xrqrxj01sana6y89rtj1nbbvp4126avgyd2ek7bkhkwm2yrjyzbg76zvrdprtzgexv0h2w4xefqrc0h51gq58g2svdqkdr9a3q0rc4y40jvsqxqbfyqa2yrqmyha0w2zvnsatg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%26client%3Dca-pub-6404002326578074%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 436652
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2uJ2cu4PTJCoqn0Fm4X8aMTA7nPFs%2FpS8%2FWsHz0ZETBmCuFAhNT6TKfwsV2U7AbBostgYck%2FnyQFabXCSWaTywh9%2FQZkRKwzJoHYHjfSCRE%2Blz9bUyJ5ySHJLKaz5Vh3sCr6YZhN0g%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e827f5a4f383665-FRA
expires: Mon, 17 Jul 2023 13:30:39 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 14B5 25 KB
10 KB 80ms
65ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpz36y62n8twzxrsqbd5x96wbnysx9kp039q4p8eyghq6fks1qq0ty2edc8d536zere64dmn85mdzh38fbhea05knec19xyhbd3adbcjdt195f4tjskd5t3kqakm10fc1zj27df34atns6hq56vbhwf6es4y5p6y8y40df1eswzkygbmbey3np3zhc9yyac3zx4s01k28ba21tpaj8d8dwqdhgc5stanpfv1tgwnb3jqptb1r45ghny7d9ryx39xj18p5f7dev5x7ffmxp8xchtk0v8jkye70tkbv5nkg6gzb4586cftfvryb2f440ynw0dv2xrqrxj01sana6y89rtj1nbbvp4126avgyd2ek7bkhkwm2yrjyzbg76zvrdprtzgexv0h2w4xefqrc0h51gq58g2svdqkdr9a3q0rc4y40jvsqxqbfyqa2yrqmyha0w2zvnsatg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%26client%3Dca-pub-6404002326578074%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 504017
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1BOq4yodlUZ2eQTJ2lc7%2FvH8Jeh4cEisEdx7fAmB%2BcZyZA3IkRCFdzZ67caQO3Bz1zAO5%2B8PTIhLGQaulSjkwRSshnXHZRsBIQv7HASpkkUp3hwFFQefRHYj8oklSNqqXPkpUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7e827f5a5f573665-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jul 2023 16:30:12 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame B994 2 KB
2 KB 73ms
70ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hxwmrzqhr4t58x1tm5qvnf7vt2an4a49b2b059xrnrekxp26hw87eh4kskk0y6zdf9tfkrmypsxdh8c0jcrj9hf22gbdfswhv2akd0kyd4hss8w6xpesc31n58sgddv4hfpsjzd2pjaf0f973t96j0cqyk3t8y8n2hvm8yt719x7txh49m55r7wknxxz4jm8q1yr2b2snqmn3cbe3d1pzsahnwzdh84f1s1tqz3y03nz2mjsph6qcq8kxgz5sb56z4b7r5fpyrpx2ewg26xg0xe0xcq6b5cx35r4g7r1e62ktjjkf3ns5fqmg9nq9jjade7jbhd6awqckqh9gw2rpv7fdrv45haseg28gnzfz4ppwjsnhh2fgvmjsh8fspasdx692yyq7hna08hmk0mtzg50agzrgyzd4yr0rrpb3sbxmn0753vchnvpn3vgqawa7y88gjfjvm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%26client%3Dca-pub-6404002326578074%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2692089315&adf=1695447792&pi=t.aa~a.2665873805~rp.1&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=969&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280&nras=4&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=N6SVaiDgmu&p=https%3A//www.grandturf.net&dtd=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09e1039e6ad71d4dd12ebec52bb739d192462249da709a1b27766d376f83b92c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e827f5a6f693665-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:39 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 082F 3 KB
1 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 09:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 09:13:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4E31 1 KB
643 B 46ms
44ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Mon, 17 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 082F 20 KB
8 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 082F 179 KB
56 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 12:30:39 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4E31 35 B
464 B 145ms
47ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDP-XcmH6NIRo_gDs-FicxU&google_cver=1&google_push=AaAOQGFcnnfuf_41mhyGUEC7UvwH3ZdY7_eLgozrYj5vUzZMwojIMggEm9l450chdaL9mvqtktK4wz-7hRM_GdnNMXnk1olonWLDBNOtDopN8sEtsejuHjiwP-EHWk0AKt1rtfJX_cBrWEv96tE2ZC6S8Y-gpO4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4E31 0
104 B 255ms
105ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN92BpC_JRExLhwGYfQm5z0&google_cver=1&google_push=AaAOQGGkHp54xMI_ZTUNngGCJC66sEG_9VkjuL-pWxDTWmJgIhHP40Tu3PtFNwxD1CanjJpPFj_faGwyaCfPymgKbM_lFK4yh1FuKCwno8OOu8o04c5fJgYtVyYTcVaBiH-M_LDaYyrJpX-hfIcxO9bYYx_bxiQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2692089315&adf=1695447792&pi=t.aa~a.2665873805~rp.1&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=969&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280&nras=4&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=N6SVaiDgmu&p=https%3A//www.grandturf.net&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E31
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBiXA9L8O2VBwuFAO1AQmWQ&google_cver=1&google_push=AaAOQGHpfYk9DtQuTvKZ5TCpIrU-BrQtTjK1eO7fgyT2o5wL79cHqo39MH0MBF3t6beum20Xv8sdxiS6YWj9YPge...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHpfYk9DtQuTvKZ5TCpIrU-BrQtTjK1eO7fgyT2o5wL79cHqo39MH0MBF3t6beum20Xv8sdxiS6YWj9YPgeyoDamoHOQcZ_RuqgLvhtateibr88GS...

170 B
188 B

57ms
56ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHpfYk9DtQuTvKZ5TCpIrU-BrQtTjK1eO7fgyT2o5wL79cHqo39MH0MBF3t6beum20Xv8sdxiS6YWj9YPgeyoDamoHOQcZ_RuqgLvhtateibr88GS6n_geBGpV6FEMs-tKpU88CtQqHX8yLcBwYJm6a-oU

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 17 Jul 2023 12:30:39 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHpfYk9DtQuTvKZ5TCpIrU-BrQtTjK1eO7fgyT2o5wL79cHqo39MH0MBF3t6beum20Xv8sdxiS6YWj9YPgeyoDamoHOQcZ_RuqgLvhtateibr88GS6n_geBGpV6FEMs-tKpU88CtQqHX8yLcBwYJm6a-oU
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 17 Jul 2023 12:30:38 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E31
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIiaQHdGTnZ6V2a7xyVAwVo&google_push=AaAOQGGCkso1TKAj8Z69IMHBvEPEvuKLzsQTCiX9XBzEuvhKUQ8mK4YPr7...

170 B
188 B

56ms
56ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIiaQHdGTnZ6V2a7xyVAwVo&google_push=AaAOQGGCkso1TKAj8Z69IMHBvEPEvuKLzsQTCiX9XBzEuvhKUQ8mK4YPr7zKBSP-hMOdAS4xMYxEJY3JNYWCXMVD37tr0lPTNn7EJZ_xBR1RH0GunvW7tBpeH_X0LVvpq3NN-_Se66An8A8_lgBQjKYiovx_tQQ

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1689597040.805120,VS0,VE98
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIiaQHdGTnZ6V2a7xyVAwVo&google_push=AaAOQGGCkso1TKAj8Z69IMHBvEPEvuKLzsQTCiX9XBzEuvhKUQ8mK4YPr7zKBSP-hMOdAS4xMYxEJY3JNYWCXMVD37tr0lPTNn7EJZ_xBR1RH0GunvW7tBpeH_X0LVvpq3NN-_Se66An8A8_lgBQjKYiovx_tQQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E31
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPCgNCHop3dtf4dr5A56gAc&google_cver=1&google_push=AaAOQGFxdx_N86Ygk1zABa5E-y7vv3DzQswiJjtb3KcMRCh3F7zOuAtOZnCCPXmSzPYKhvxjI_6sVw0YXAEmXrn50VNmoLi59oXHh0...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=63FEE52A70EC4403AD3B637573EF4AD2&google_push=AaAOQGFxdx_N86Ygk1zABa5E-y7vv3DzQswiJjtb3KcMRCh3F7zOuAtOZnCCPXmSzPYKhvxjI_6sVw0YXAEmXrn...

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=63FEE52A70EC4403AD3B637573EF4AD2&google_push=AaAOQGFxdx_N86Ygk1zABa5E-y7vv3DzQswiJjtb3KcMRCh3F7zOuAtOZnCCPXmSzPYKhvxjI_6sVw0YXAEmXrn50VNmoLi59oXHh0pzDO-C-npbxx1NM-6h3N9_pu8Pg-clHNrcoQESPXByLSlmJVVJt-Zlyow

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 17 Jul 2023 12:30:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=63FEE52A70EC4403AD3B637573EF4AD2&google_push=AaAOQGFxdx_N86Ygk1zABa5E-y7vv3DzQswiJjtb3KcMRCh3F7zOuAtOZnCCPXmSzPYKhvxjI_6sVw0YXAEmXrn50VNmoLi59oXHh0pzDO-C-npbxx1NM-6h3N9_pu8Pg-clHNrcoQESPXByLSlmJVVJt-Zlyow
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 16 Jul 2023 12:30:39 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4E31
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGIiKoUnJavOWGBz8VlNSg4&google_cver=1&google_push=AaAOQGHF7sk7v4iUA5TTgVZ8XHcWyQZ2HyLTh75NgUeLjuCtX2FSSz5Cu-qMvuc5ylPZ6zc_I1-_G4uk...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMTYyNzcyNTE3NDA2MTM0OQ&google_push=AaAOQGHF7sk7v4iUA5TTgVZ8XHcWyQZ2HyLTh75NgUeLjuCtX2FSSz5Cu-qMvuc5ylPZ6zc_I1-_G4...

170 B
232 B

55ms
54ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMTYyNzcyNTE3NDA2MTM0OQ&google_push=AaAOQGHF7sk7v4iUA5TTgVZ8XHcWyQZ2HyLTh75NgUeLjuCtX2FSSz5Cu-qMvuc5ylPZ6zc_I1-_G4uk3REf2icNSPlY5ej211vg5_sybkGlkK1fiUtB-o1ytd4HYy4epx79Du9FgHsU8h-lWqeyDAgbY3kD8mE

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMTYyNzcyNTE3NDA2MTM0OQ&google_push=AaAOQGHF7sk7v4iUA5TTgVZ8XHcWyQZ2HyLTh75NgUeLjuCtX2FSSz5Cu-qMvuc5ylPZ6zc_I1-_G4uk3REf2icNSPlY5ej211vg5_sybkGlkK1fiUtB-o1ytd4HYy4epx79Du9FgHsU8h-lWqeyDAgbY3kD8mE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4E31 43 B
363 B 187ms
58ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEAyJb51Rm8I1_Kd9iuJJr7w&google_cver=1&google_push=AaAOQGEd39MqJI_TPL1ly9z_BZSM61CGYVY73l_8jJlUlyGH-menzFGZ99nA7qrjA2M0VkHrCeLE2HYrsHUm-Trt1pIEKC58VdHM3nXcHSB_1H29O6X3E7iyP3oiRxaWIwSB3NLxmzX3att8kmAH2W5iX8YoXZ4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 12:30:39 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 317185
expires: Mon, 17 Jul 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4E31 0
40 B 55ms
53ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHAKUfFAOLxZLawph0FJOuxbaZY9R2WC_hz4LLmLOOvoVUig98dpiEYBaCDl6C8urLFs9s

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 14B5 3 KB
4 KB 169ms
58ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1143
x-guploader-uploadid: ADPycdsbbnt5NrGD8XWC9mz7OThy64CUbvokcgdlXT8JWFSQN4ce5RerNBbtgxA17hV5xErngQFpZk-j06mXgsBB8zaIBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW53leSkt%2B6XAHcnYaanImzb9H9jazypZcx%2BwZbAbTWfEo5ReJ1PSNLigKdMREOFusgCG7ANhgB1kSd23cguz%2FbBwMqbm0tUl%2B528J10xHsONHIOhPwDHv%2BXoJaxqp8aZhPkUqSIywF4seJJpOdRmtLe"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7e827f5b8b2d2bb4-FRA
expires: Mon, 17 Jul 2023 12:18:05 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4F68 2 KB
1 KB 102ms
102ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2251487
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7e827f5adabe0497-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 17 Jul 2023 12:30:39 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ram1Sg38Uf8f6yN25LIY3SqjvELV%2FjNJIrTqYI9a0ok10wtuXBdYAKkUnzNZxsj2%2FQF9xI8sNQcScu%2BAdiLD9Az%2BKuDYyrB1%2FGPXKb4FaTUn5rZU9RI14%2BKJ3dhsnP9AYYRJWao%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame B994 114 KB
14 KB 58ms
58ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hxwmrzqhr4t58x1tm5qvnf7vt2an4a49b2b059xrnrekxp26hw87eh4kskk0y6zdf9tfkrmypsxdh8c0jcrj9hf22gbdfswhv2akd0kyd4hss8w6xpesc31n58sgddv4hfpsjzd2pjaf0f973t96j0cqyk3t8y8n2hvm8yt719x7txh49m55r7wknxxz4jm8q1yr2b2snqmn3cbe3d1pzsahnwzdh84f1s1tqz3y03nz2mjsph6qcq8kxgz5sb56z4b7r5fpyrpx2ewg26xg0xe0xcq6b5cx35r4g7r1e62ktjjkf3ns5fqmg9nq9jjade7jbhd6awqckqh9gw2rpv7fdrv45haseg28gnzfz4ppwjsnhh2fgvmjsh8fspasdx692yyq7hna08hmk0mtzg50agzrgyzd4yr0rrpb3sbxmn0753vchnvpn3vgqawa7y88gjfjvm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%26client%3Dca-pub-6404002326578074%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hxwmrzqhr4t58x1tm5qvnf7vt2an4a49b2b059xrnrekxp26hw87eh4kskk0y6zdf9tfkrmypsxdh8c0jcrj9hf22gbdfswhv2akd0kyd4hss8w6xpesc31n58sgddv4hfpsjzd2pjaf0f973t96j0cqyk3t8y8n2hvm8yt719x7txh49m55r7wknxxz4jm8q1yr2b2snqmn3cbe3d1pzsahnwzdh84f1s1tqz3y03nz2mjsph6qcq8kxgz5sb56z4b7r5fpyrpx2ewg26xg0xe0xcq6b5cx35r4g7r1e62ktjjkf3ns5fqmg9nq9jjade7jbhd6awqckqh9gw2rpv7fdrv45haseg28gnzfz4ppwjsnhh2fgvmjsh8fspasdx692yyq7hna08hmk0mtzg50agzrgyzd4yr0rrpb3sbxmn0753vchnvpn3vgqawa7y88gjfjvm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%26client%3Dca-pub-6404002326578074%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 436652
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsBaHiEzDlimgh4jK7Vb%2Bp%2FBBDEn5z7UQYIGAhemVRtgSGuRhxhP8%2BZK3sd3TbG5zb3miXdj11zFssyRvZKkOcGRIO35OuMe0iVoUoz86UprIrBbBehFIsJjg31GZCrpj5KmVtn6ZqA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e827f5adac10497-FRA
expires: Mon, 17 Jul 2023 13:30:39 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame B994 25 KB
10 KB 56ms
56ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hxwmrzqhr4t58x1tm5qvnf7vt2an4a49b2b059xrnrekxp26hw87eh4kskk0y6zdf9tfkrmypsxdh8c0jcrj9hf22gbdfswhv2akd0kyd4hss8w6xpesc31n58sgddv4hfpsjzd2pjaf0f973t96j0cqyk3t8y8n2hvm8yt719x7txh49m55r7wknxxz4jm8q1yr2b2snqmn3cbe3d1pzsahnwzdh84f1s1tqz3y03nz2mjsph6qcq8kxgz5sb56z4b7r5fpyrpx2ewg26xg0xe0xcq6b5cx35r4g7r1e62ktjjkf3ns5fqmg9nq9jjade7jbhd6awqckqh9gw2rpv7fdrv45haseg28gnzfz4ppwjsnhh2fgvmjsh8fspasdx692yyq7hna08hmk0mtzg50agzrgyzd4yr0rrpb3sbxmn0753vchnvpn3vgqawa7y88gjfjvm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%26client%3Dca-pub-6404002326578074%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 504017
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LroU%2FVgxHAAIikUu4%2FZwdrtrs08RLz5Qc3HrIzpp5LR%2BlLWD%2Bq5KwyuaT6skDnck7HvT9xZJUAEz3S3%2FplZc%2F%2BSvQf4CLzdRQbTzb4inr2VFXW90O%2BAJa5XCoHod%2Ff7fE951q9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7e827f5adac30497-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jul 2023 16:30:12 GMT

GET
DATA 200
OK truncated
/ Frame 082F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe9181adaf44a80f1b82c9f92d2fe6d172fbafb643041411fdc23a8372142c7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B994 3 KB
3 KB 58ms
57ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1143
x-guploader-uploadid: ADPycdsbbnt5NrGD8XWC9mz7OThy64CUbvokcgdlXT8JWFSQN4ce5RerNBbtgxA17hV5xErngQFpZk-j06mXgsBB8zaIBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JALR4L%2B56oKAywS%2BPz0HVNf5TBhjlZIElr%2BWeIdMJTJIONm%2FXR7jpn95diuZDCOV7i%2BExEvxvM1jf6fFHL8XlBVEkYJQvJnBTtTb0UO4EkoAyxVDUynyNS%2FjV9d8r5fkhCgiM5BR0PVcdoy%2FgXLiSZwo"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7e827f5b9b522bb4-FRA
expires: Mon, 17 Jul 2023 12:18:05 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame C6A1 2 KB
1 KB 59ms
59ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2251487
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7e827f5babcc0497-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 17 Jul 2023 12:30:39 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkR68YxEfq43JJo0MyYVWf%2BUitsyoo7SuOnGITqukFiZN0Em9en54HvhFVyBYNHiG5RkbhQdKcTBrL3n7bXHw4weJL7ZWscfj6eICwHM5LXanIa8sSy4ieToqx3lEWvtw5ki194%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 123ms
73ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e827f5bf8873732-FRA
content-length: 24
content-type: text/plain
date: Mon, 17 Jul 2023 12:30:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7mbTyqcwD%2BpxlKaul39lLPH%2BSuxF1SuraFLVvpgwSDhQcOWtj81%2F7Xq1PCtXDxbypEreHmJfO5Vc9Iz%2BK1AgYe5VQvkgvRpiHiYSvX9wIbFUmvghQPH5dHREe9MOyxJKIDzigU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-k9sb

POST
H3 200 rs Show response
ad4m.at/ Frame 14B5 2 KB
2 KB 68ms
68ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17da04daf8905189935883c68c67739ee11dd7eafcfcceb1e66ed0dd29bd6dfe

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqfNekyJGZKmHqJaDXfFBFGUhnScT798xAEnUgs%2FpM7HNjtbuepg6ZQ2eFY%2BMgcOtQGvvZwggztTtY1KrOJGVF1cujpFYrWHEfs7WYAgibWQ2cyyTjBm%2F2PmSNDiGEAPgh0jhKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7e827f5c69323732-FRA
x-backend-server: aa-reachservice-group-europe-west1-k9sb
alt-svc: h3=":443"; ma=86400

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 082F 0
19 B 90ms
89ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLh-DbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6AFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDR1DXQrABIg2iwa4O3jziGp-kExMrJU1BSW52eXmcDd5Q6pzdWYeIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjQwNDAwMjMyNjU3ODA3NBgA&sigh=Zj8x2rzkffc&uach_m=[UACH]&cid=CAQSPABpAlJWg_Gr18g4rQnK-Cp6DBt2kEoHsyB0Sd0W-kBALhLTN73YuD15q-Zo5IuWmxqOoDaseVG7HfFYRBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2692089315&adf=1695447792&pi=t.aa~a.2665873805~rp.1&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=969&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280&nras=4&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=N6SVaiDgmu&p=https%3A//www.grandturf.net&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Jul 2023 12:30:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 082F 0
39 B 57ms
55ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gddp6b8ep9hpqmnm9qbxpkxjpek3pg0c0ejk84zxcz1v2pr3fxmha9mpxq0apgh5qyw96ryamrn7hn6q45jdz7e63da7g4dp3625qjqypn5848nfp27c0j4g2b116d9jehwwenq5ctqqtame5n5r1kkdkj4hpg8dg8hqxvhpz0c8thnknepfsmgdwkqffv15ygee4cq72emvz85anq69v1407z5w90225ctkfrpwpgm5k8rxgy3fk2b0ppz6qw44jqxn7qy212mkqsq9jct898hevh49gpcj5g4h39nnsq2qfxgg75r4bhf4s7cf0xg11petewqkv26ymvs4s1e1pjfpt1qjdf23zcs6jc294jvbqm9dnzscwfhtytkmd5ceapbrcwgtrfypzh4&b=ZLU0bwAAoh4A-QgCAAudk9ynSqSrz5Y1iIc5rw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6404002326578074&output=html&h=280&adk=2692089315&adf=1695447792&pi=t.aa~a.2665873805~rp.1&w=360&fwrn=4&fwrnh=100&lmt=1689597038&rafmt=1&to=qs&pwprc=3975764233&format=360x280&url=https%3A%2F%2Fwww.grandturf.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689597038908&bpp=1&bdt=969&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd1b54429c92bf3cb-22a34575bfe2003b%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g&gpic=UID%3D00000c3ea038b574%3AT%3D1689597038%3ART%3D1689597038%3AS%3DALNI_MYAnMNf1027TZajQClj_Api4V3djg&prev_fmts=0x0%2C1200x280%2C360x280&nras=4&correlator=4896509340721&frm=20&pv=1&ga_vid=529683509.1689597039&ga_sid=1689597039&ga_hid=1598999568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075849%2C31076011%2C44788441&oid=2&pvsid=3531930351038728&tmod=718010455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=N6SVaiDgmu&p=https%3A//www.grandturf.net&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 17 Jul 2023 12:30:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame B994 2 KB
2 KB 68ms
68ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c17e8678de2985b844159f5e42ffe4ad92e0b84e5aaa23bb12a558fb6e83a8aa

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJVW%2FhWU3xBbvp1okE%2FPmyDVYZbuGKdlAcmvb1WfuWMVO%2F2VrTxGGcmVoQgAnBKFTynzZ5et5PbytKY1kpjuDPGnvBGXhwR%2BpQroqUUa%2Fdhex1NnzuboK9UAH%2BQQEL0r4W%2F2hZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7e827f5c894e3732-FRA
x-backend-server: aa-reachservice-group-europe-west1-k9sb
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 74ms
73ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e827f5c08ac3732-FRA
content-length: 24
content-type: text/plain
date: Mon, 17 Jul 2023 12:30:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pegmkg%2BK3xUe81jHTHfQT4iLWNzAnqCVJoiWNB8vvw7AULCXX9Eii7aJ%2BA3pBGrpG6WOJ1W7iFsjOtVLGqkSSCCnWw1Dd8MSEESikk1mEFXt3f59LdBQBIGerrfQtaWVrUas%2F4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-k9sb

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame AD76 11 KB
4 KB 76ms
76ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bb0c3082fb502c022715b1fcce44f8099b69da24b6182b1ca94a81322e2cd94

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jpz36y62n8twzxrsqbd5x96wbnysx9kp039q4p8eyghq6fks1qq0ty2edc8d536zere64dmn85mdzh38fbhea05knec19xyhbd3adbcjdt195f4tjskd5t3kqakm10fc1zj27df34atns6hq56vbhwf6es4y5p6y8y40df1eswzkygbmbey3np3zhc9yyac3zx4s01k28ba21tpaj8d8dwqdhgc5stanpfv1tgwnb3jqptb1r45ghny7d9ryx39xj18p5f7dev5x7ffmxp8xchtk0v8jkye70tkbv5nkg6gzb4586cftfvryb2f440ynw0dv2xrqrxj01sana6y89rtj1nbbvp4126avgyd2ek7bkhkwm2yrjyzbg76zvrdprtzgexv0h2w4xefqrc0h51gq58g2svdqkdr9a3q0rc4y40jvsqxqbfyqa2yrqmyha0w2zvnsatg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%26client%3Dca-pub-6404002326578074%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e827f5cdd7f0497-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:40 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame B391 14 KB
4 KB 72ms
71ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25a7c2ff50210eab3974f5d56e1b46be0fb70c6b7db92229e9bf35137641e166

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hxwmrzqhr4t58x1tm5qvnf7vt2an4a49b2b059xrnrekxp26hw87eh4kskk0y6zdf9tfkrmypsxdh8c0jcrj9hf22gbdfswhv2akd0kyd4hss8w6xpesc31n58sgddv4hfpsjzd2pjaf0f973t96j0cqyk3t8y8n2hvm8yt719x7txh49m55r7wknxxz4jm8q1yr2b2snqmn3cbe3d1pzsahnwzdh84f1s1tqz3y03nz2mjsph6qcq8kxgz5sb56z4b7r5fpyrpx2ewg26xg0xe0xcq6b5cx35r4g7r1e62ktjjkf3ns5fqmg9nq9jjade7jbhd6awqckqh9gw2rpv7fdrv45haseg28gnzfz4ppwjsnhh2fgvmjsh8fspasdx692yyq7hna08hmk0mtzg50agzrgyzd4yr0rrpb3sbxmn0753vchnvpn3vgqawa7y88gjfjvm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%26client%3Dca-pub-6404002326578074%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e827f5cfda30497-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 12:30:40 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame AD76 114 KB
14 KB 58ms
58ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 436653
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPi04XUDH9qNl5mtnM4z8ePHvB%2B8vidp%2FOJ9BtBDCUsZiTCoAhXnp7ph8pxAavIRFEgCHJREtevD%2B5Vab6snV8FyUrT16AUnOiNQH8FbXVMSRr7ms1eUXk8rzSSZCaadzwrD2b4jcO4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e827f5d5e3a0497-FRA
expires: Mon, 17 Jul 2023 13:30:40 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame AD76 5 KB
5 KB 137ms
121ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1747928
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDW3XKhSVXvQVMCYVYNXzLY7HzFSKKs040rDDUilgkrKNfTB4sUKRYg6o3v%2BiwUxwNvZQVNFLSBtdsz39CeCCjiAIcLBYhIwrF82iQXzXu6VXZvaDeV67vBz34KmmD9%2BnZIoOvqGz7gImxGd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b603665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame AD76 91 KB
91 KB 136ms
122ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2306810
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sirhg%2FzUZKBCVpB9anXtS2E5Intfvs7eThRGHtGtf4WOGJZMY9QdxSY9wQ93%2BFiTH%2FHUkxd%2B4BBqfZ0sHYeEOeqZaho%2BuRpgSjM2miuK8JW1IJ0WobY6AYxoJOadLRUGaSntx7UcjhOtNR8D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b673665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame AD76 2 KB
3 KB 107ms
93ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585595
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELu4U0EXdxkPk%2BUpHB0dj2Ara54lwuIhPAoutvp0F4bN0YDdsb%2F3QjVS71ZnLFpuzq9q38B744fWvnxnrEO7%2FMyCFqwl6kspqD0MzWdSdjlgf1oKK1xxOIh12h%2FAYMCY%2FvHvOtIw9O7sRkex"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b503665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame AD76 253 KB
254 KB 108ms
94ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2632354
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtqApbjuMqWGVQTpgvWC6dzgZfHnkUp8nwxGUegf2lXQvaY4d8hlHdKtTMH1aGQLcymXSDofEbLDaop3lFquVffB7L4vCuJGbzV9X3d17Fg6SVj2AQtnwK9c0URplsy4f4YMlBM6hPI64r8B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b5c3665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AD76 43 B
705 B 246ms
136ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 12:30:40 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame AD76 36 KB
36 KB 137ms
123ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1750759
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osfSknVqOLIYfO3MTSCMTC8DT6u4YzzjQ4qeirgFJPT3ZrpPrYWh6RZvmKlRJGJghMBGDBLPojJXlASxL67UO%2FbhobAYcqrPbrta9NKqr1JQs8N88I3IS%2Bnjw2g%2F7Neuor6QITH5n4N6eJwF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5dbbe83665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame AD76 28 KB
29 KB 105ms
91ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 975713
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CM7S3XeW7WF2UyuZ5y%2BKeVipPl5iKDj1ji382z7SgvqKJaZZ4sexjt7xmnmug2OGyHqrl0CBdKodDlTW4TS9ELUQBy2FhKqPT9OaJ2VW1fL04wJxfFfEPaPUuyHE%2BMQuB0Q2zBJPNL0qUfKW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b533665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AD76 43 B
705 B 219ms
109ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 12:30:40 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame B391 114 KB
14 KB 66ms
66ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 436653
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVxL1cxsWzMWwOI5eUb32Rp%2Fgd%2BpsZjth64SWZVa2fs2i2Tbmlq%2FszGZn1Tr0ENUNvam7iRSLXi6CWhhP6O9VBuVIKo7YrvDyE1AUH%2Bro%2F4N%2B3qAkcyTxDTZx0l6CxtWMHVF%2FF2YFoQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e827f5d7e540497-FRA
expires: Mon, 17 Jul 2023 13:30:40 GMT

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame B391 219 KB
220 KB 96ms
93ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 970500
cf-polished: origSize=233620, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 224653
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e1ldm4ZqRpk4XH%2FSAjnRUaMJ0sUawn1qoXz2EIuWrvJ8xPMKKuL6fP50gwTpp3CQ5P9brb3QEo18eNnXiMKjqrzArBcR%2BJddgMZqfGjTzDcB8zYCFpjX46O8wZeTlK1h2zrRML7X5%2B53gXY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b633665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame B391 637 KB
638 KB 96ms
93ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 955764
cf-polished: origSize=731561, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 651990
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMRyjMbjFiTQ7nl%2BDeB8uOzuW4hEO78zPREpCSZnxCT7eKYIzgVfln3E03CBmAvXBTWZHDPQ%2FxYTO3kOQki%2BPyvrIKPa5hnoBvV8UrfPJAS4Uh3j%2BXq9kGAZRX2l500Bu9EP0Vlnw5GtGyis"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b5a3665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame B391 6 KB
6 KB 125ms
122ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2074641
cf-polished: origFmt=png, origSize=11357
alt-svc: h3=":443"; ma=86400
content-length: 5848
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Jun 2023 08:41:46 GMT
server: cloudflare
etag: "ccfbd2e3feb27487a1f6d1f6b03866aa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKb%2FGDAIAjXSzl9sFyfpjSm8tavzWXmRLvb2W36eW%2BgOS%2B56a4s%2FMrC%2B2fNHRbnSjrmG9uJr5MymwTcZyMqQoVw9KznUbwgqEmCl%2F26UiMaTxWGnMVi0wfhijQPrPZFKgFAb88kC7%2B%2FnoXBs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b553665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame B391 183 KB
184 KB 93ms
91ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2074641
cf-polished: origFmt=png, origSize=289744
alt-svc: h3=":443"; ma=86400
content-length: 187558
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 11:11:49 GMT
server: cloudflare
etag: "17decb4f4cab809ec8159433a7f13627"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfqUjOYBSVuLKh314l24ZM52qpKz5jbPfcpmxBXcIk%2Fq2T1x99epr%2BEqTxW4T6oP%2FZ9ztV9fiKXnX5%2F0dSdGXadidUFDkrRvX%2F2Njj9Nj1QRchZOo8fk2pG4FWyDDlHWU2qo%2B%2F8iZFrk8sHw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b543665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 06356C7D9851541441B4CACEDAAE5D8201172D75EDA1190E301E14D234A9EDB6BE01C840A682296D6F2F24758896B4CF103C766D0BE419ED05E66374B57624D3
assets.ad4m.at/logo/ Frame B391 4 KB
5 KB 125ms
123ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/06356C7D9851541441B4CACEDAAE5D8201172D75EDA1190E301E14D234A9EDB6BE01C840A682296D6F2F24758896B4CF103C766D0BE419ED05E66374B57624D3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf576e9c26b9695deab4cf5e9e3c98a11827c53a1c84c8f2c429fcbd9eb7f477

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 834157
cf-polished: origFmt=png, origSize=11814
alt-svc: h3=":443"; ma=86400
content-length: 4368
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Oct 2020 07:20:51 GMT
server: cloudflare
etag: "e70b1de194c0fd17dd1cfe17a09f62fa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0HBz7sEAWitTWWzwyanJcMadjB9uABrAuO%2FyTtMeHpShcVG11hPCjUTSquWOyrbYsiVbUu0Dq27MXrw3Kn5%2BlFeihWGMKTYQ9Mz2YIhzdyryr8sbKRcrnNYck12R3FU5cdfZVsPDUkoM2Pp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5dbbec3665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 A4B60577BB24842487FC99DBF0A74BFA0825A28540DB9B2E293FDAB065B3FCE73D104B26F269D1C9E3BE1D51BA4B1875C6844D0E0250A975662BD7286DB71971
assets.ad4m.at/ Frame B391 159 KB
159 KB 70ms
68ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/A4B60577BB24842487FC99DBF0A74BFA0825A28540DB9B2E293FDAB065B3FCE73D104B26F269D1C9E3BE1D51BA4B1875C6844D0E0250A975662BD7286DB71971
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58536e2a4e234dd59ec9c003197beb1ed8d26bd6af6144345c2c811d59faf0d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 855209
cf-polished: origFmt=png, origSize=227767
alt-svc: h3=":443"; ma=86400
content-length: 162628
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Jun 2023 08:17:52 GMT
server: cloudflare
etag: "ab4cc43e8a568b65e5bcfd01016d31bf"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spsug0pK%2FgUgXSfOIwWQlK1KeLJG3a5OPjOcKorGF9RpUHEfKxtQzYqxeiBhNnrio%2BYE3mAUCvW0EasSdNQrjaK%2FUsJaOwe8HxCo%2B00lUkX33I7YMTC6D0MlouMKU6a4v1xi%2F8Pk31ieVLc2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e827f5d7b4b3665-FRA
expires: Tue, 18 Jul 2023 12:30:40 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame AD76 2 KB
2 KB 244ms
105ms Script
text/html 18.169.161.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx4e97f1vtzxqenzn2zvdg4g6yskx30ness170xd42t87r7xztaf8rms99xxd8hm4zjy4a6ykm9bte5pjp6qmz0jjqrnxphm0f7sbdjyw8zasach2sy10vwd9941d861nfqc4wp53m9sjb6xvy72y6qn0ftqqprj4yf6r2wq3jx5f6nmka3931eh43vm7e96nzvra3bwby7bfp8bxrt19yc2m203q6cj7zdspvmaq75r0ahn4pztj8w40akbt8tax8cg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%252526client%25253Dca-pub-6404002326578074%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.161.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-161-72.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: a04173e5b26f8bf3091453a6595922820c45b7db9d0891b54a6eef7f50f2cfab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
last-modified: Mon, 17 Jul 2023 12:30:40 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 17 Jul 2023 12:31:40 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame B391 1 KB
2 KB 200ms
107ms Script
text/html 18.169.161.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ktmdhnsecj36qtv3p7hgp6yc9xf4b81e1347v089j9stcv5thqp8vq5sn3jt82h4yegh3ap3q2jz9fjf7wyshmpv2ayfycrqczyy06679n3yq5fr5mzsyar0545wf88a09ef79yx09je7r5vqhxxaejps7tq6kbn83ngcmradcjqpd7afz04h47byg8hep2wcz5js6nnkx7h6j1861gvq2r9rpqv481jsrg235x98mg0vw23ppjsnhag8hdnyw4zmvg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%252526client%25253Dca-pub-6404002326578074%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.161.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-161-72.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 31a2f7a3198bd340466079fc3e22a36d2b1447a7fd72177cc6a5bb78a08b8b18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
last-modified: Mon, 17 Jul 2023 12:30:40 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 17 Jul 2023 12:31:40 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame B391 1 KB
2 KB 178ms
87ms Script
text/html 18.169.161.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h5c87n0neb11ttfgv07c2wz3j6dnrzb1h0wgb6nghbsekxvnjw88jebpsszddjcb7jttah90zr2knhq0xpdejz5f2gnkdn2arphy8kqq33wyjh2p64785435zgaffqe3td24thvbhqe5a4srpk15g7m4fhmr69wrhrefrtyb2m7dg78szsh0y7wyydnndnxgf1cp1te773pq620h7haka7zjrjq4q8trfghr8rwzfvmp3hjvwjdtg4svb2jy9b5k090%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%252526client%25253Dca-pub-6404002326578074%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.161.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-161-72.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: fd226b7c8b3e1ee6bcc7df8418312300cfe62dca99c238040cc514a0098d79a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
last-modified: Mon, 17 Jul 2023 12:30:40 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 17 Jul 2023 12:31:40 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame B391 2 KB
2 KB 196ms
105ms Script
text/html 18.169.161.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4970500&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jeqfrf7tr7ey66yb27axygaynr22e82cvcew00442gmr9sf26xc1crcx52f2bf84e2m0m12e6k0xrm2depypdkcbx34gqkd2krt583nmj17478k9t518nmmq7hnfk7hqzx0ttjd7wmwk14asndbh86cp16n9kd8rjdbbf6s91zgk9s7fs1r0nvnsz25xfbgnxphpvmqkmh8dqary4nk2zkgg7x1bcwb5s8rcakdbn19szetdjebjh643k06hcbg9mj0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%252526client%25253Dca-pub-6404002326578074%252526adurl%25253D&clickref=oneideYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDeoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.161.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-161-72.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 97fadd1dad99cc3a0826e954ee02a7c035aa4902b83b9306beaf6100acaf7d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
last-modified: Mon, 17 Jul 2023 12:30:40 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 17 Jul 2023 12:31:40 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B391 85 KB
31 KB 166ms
51ms Script
text/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h5c87n0neb11ttfgv07c2wz3j6dnrzb1h0wgb6nghbsekxvnjw88jebpsszddjcb7jttah90zr2knhq0xpdejz5f2gnkdn2arphy8kqq33wyjh2p64785435zgaffqe3td24thvbhqe5a4srpk15g7m4fhmr69wrhrefrtyb2m7dg78szsh0y7wyydnndnxgf1cp1te773pq620h7haka7zjrjq4q8trfghr8rwzfvmp3hjvwjdtg4svb2jy9b5k090%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%252526client%25253Dca-pub-6404002326578074%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:11:27 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 4754
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: VlupeOkJfvS1JWbcjGeDVC-BUdLhu9ihA5FhZxpak5y9FrPEvMFDZA==

GET
H2 200 link.html
track.webgains.com/ Frame B391 90 KB
90 KB 88ms
88ms Image
image/gif 18.169.161.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=3756941
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.161.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-161-72.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
last-modified: Mon, 17 Jul 2023 12:30:40 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 17 Jul 2023 12:31:40 GMT

GET
H2 200 88x31%20Weedo%20Logo.png
cdn.track.production.webgains.team/281455/ Frame B391 1 KB
2 KB 177ms
54ms Image
image/png 18.155.129.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/281455/88x31%20Weedo%20Logo.png?Expires=1689597340&Signature=T5et2fjZznKkz6Tnmd3D2dYJW18XsYWLaHq-6NNUya0gcPjH3-4yhoGpMdYY7cpRSxIiNLqEUG7ChEne9eh9gDPhU8kE~H2~p-0vFlNBCsUcJr-QX92Vgxy7uxyCrjJ380Qi-dDoNkguDLLG4~jsZ3kU2HSF~KpWFPV5tAbExgCK~sjmLFuLfsKeIA9wd599IFMtWhn1JxWA-M9aiqk61fQBebfr7GrVsKRX6IvujlCW9Ij3wjiL6KhmbO8YNBSXKVLjongso-1KOg1vQgpu7uHDTU1bq4AFuXT5~mPqDz5dM7YABQwgkIfjLvlk3TsFGph~I4P55Z0FS12SDaKOYQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-96.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51593d54890a2170db65d631a8fd30bf336121f9ad824d1dcf409c43fc406be3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 17 Jul 2023 04:42:21 GMT
via: 1.1 c812f87630e842766e842cb048d8c94e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
age: 28101
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1354
last-modified: Fri, 16 Jun 2023 11:00:28 GMT
server: AmazonS3
etag: "097ef07b3a89c80f3a54d148ff1def3c"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: N0r5n_bxyPMLgR52N0D1d8obyl1djxOi0hHFh1aQ66xp-cSu2HBvWg==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AD76 85 KB
31 KB 198ms
93ms Script
text/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx4e97f1vtzxqenzn2zvdg4g6yskx30ness170xd42t87r7xztaf8rms99xxd8hm4zjy4a6ykm9bte5pjp6qmz0jjqrnxphm0f7sbdjyw8zasach2sy10vwd9941d861nfqc4wp53m9sjb6xvy72y6qn0ftqqprj4yf6r2wq3jx5f6nmka3931eh43vm7e96nzvra3bwby7bfp8bxrt19yc2m203q6cj7zdspvmaq75r0ahn4pztj8w40akbt8tax8cg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%252526client%25253Dca-pub-6404002326578074%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:11:27 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 4754
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: wd-uvnl9EEnhNvOHUqM5S15hd55eoK6NkU3WQgWd9sjgQwhqfJ6bSg==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame AD76 15 KB
15 KB 184ms
62ms Image
image/png 18.155.129.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1689597340&Signature=oeWRXDlREm-AKEUmsX6avlJnlTedOsWdCf7SU5ca3qmtqKKLZUjumB4bcryO8CW865mM~WLmbIZz4VeUuDX4NnVbCD5ZYRmba1DZIW4iNC4~BkGZfLPf6vkLBIGYlkwJbvnMfGfrtrOxMRfnzMpF1x0yWKw6SA5ZSk~r5kEbLKZMwqhw-be~wRHa6GYRndsfOst8AFUEBHCobmYc~OiEWswHp30WS7Z69aMIgZHJSQ8gy9zJeI55iicYwZnvnWWMltcUgXk6KfhnqAAcEziPjuf4YjXH8ApDNTlntVL~qRdZfsXx7ygvI4qLvV526Pb-EZ3Ee1VtsUcNu1QuZbApYA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-96.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 17 Jul 2023 02:28:39 GMT
via: 1.1 c812f87630e842766e842cb048d8c94e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 36136
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: 1d4JDSQItNBHSAmNM0HtH8wf29mgzUttcdUNaKKyedc4DY9wclBzNw==

GET
H2 200 link.html
track.webgains.com/ Frame B391 48 KB
49 KB 129ms
129ms Image
image/gif 18.169.161.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.161.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-161-72.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:30:40 GMT
last-modified: Mon, 17 Jul 2023 12:30:40 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 17 Jul 2023 12:31:40 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B391 16 B
209 B 100ms
99ms Fetch
application/json 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-237-144.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jul 2023 12:30:42 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 187ms
51ms Preflight 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-237-144.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 17 Jul 2023 12:30:42 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B391 16 B
209 B 95ms
94ms Fetch
application/json 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-237-144.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jul 2023 12:30:42 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 165ms
52ms Preflight 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-237-144.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 17 Jul 2023 12:30:42 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AD76 16 B
209 B 90ms
88ms Fetch
application/json 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-237-144.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jul 2023 12:30:42 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 136ms
51ms Preflight 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-237-144.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 17 Jul 2023 12:30:42 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B391 16 B
209 B 93ms
91ms Fetch
application/json 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-237-144.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jul 2023 12:30:42 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 132ms
50ms Preflight 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-237-144.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 17 Jul 2023 12:30:42 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.allosponsor.com
URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88661&type=1&popinto=1&s=1

Domain: www.rapidoweb.free.fr
URL: https://www.rapidoweb.free.fr/images/topliens.gif

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.grandturf.net/	1970-01-20 22:55:57	Name: _ga Value: GA1.2.529683509.1689597039
.grandturf.net/	1970-01-20 13:21:23	Name: _gid Value: GA1.2.1956226854.1689597039
.grandturf.net/	1970-01-20 13:19:57	Name: _gat Value: 1
.grandturf.net/	1970-01-20 22:41:33	Name: __gads Value: ID=d1b54429c92bf3cb-22a34575bfe2003b:T=1689597038:RT=1689597038:S=ALNI_MZlOip74wUMgXe4FQjyC6Fvq79R8g
.grandturf.net/	1970-01-20 22:41:33	Name: __gpi Value: UID=00000c3ea038b574:T=1689597038:RT=1689597038:S=ALNI_MYAnMNf1027TZajQClj_Api4V3djg
.grandturf.net/	1970-01-20 22:55:57	Name: _ga_PMEZ0XHEC4 Value: GS1.2.1689597039.1.0.1689597039.0.0.0
.doubleclick.net/	1970-01-20 22:41:33	Name: IDE Value: AHWqTUk3ATIbpEBnv_2-NvAGes5-5kfMie3-Jpp4F4s2PPW7C1hNRCZD3kB7pQgmNnc
.adform.net/	1970-01-20 14:04:35	Name: C Value: 1
.ctnsnet.com/	1970-01-20 22:05:33	Name: cid_a0a55b0ed43d4e7fa9f3c6bfebc09248 Value: 1
.ctnsnet.com/	1970-01-20 22:05:33	Name: gid_CAESEB3tBtmWAnXD05gUFYy9Skw Value: 1
.adform.net/	1970-01-20 14:46:21	Name: uid Value: 6331627725174061349
.quantserve.com/	1970-01-20 15:29:33	Name: d Value: EA8BCQG-KYEA
.quantserve.com/	1970-01-20 22:50:11	Name: mc Value: 64b5346f-dc0fd-c8342-d9812
.everesttech.net/	1970-01-20 22:05:33	Name: everest_g_v2 Value: g_surferid~ZLU0bwABgsIskwAN
.simpli.fi/	1970-01-20 22:06:59	Name: suid Value: 63FEE52A70EC4403AD3B637573EF4AD2
.mathtag.com/	1970-01-20 14:03:09	Name: mt_mop Value: 4:1689597041
.turn.com/	1970-01-20 17:39:09	Name: uid Value: 8001717178556479078
.awin1.com/	1970-01-20 13:22:49	Name: awpv14702 Value: 412871\|1689597040\|bd8cc9d0-249d-11ee-9f97-223306a13768
.awin1.com/	1970-01-20 13:22:49	Name: awpv20044 Value: 412871\|1689597040\|bd8f61e1-249d-11ee-87f6-2265f034cf4c
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.grandturf.net/ Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://www.rapidoweb.free.fr/images/topliens.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/ Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://www.turfsur.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/ Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://gagnant-au-pmu.com/web_images/gagnant-au-pmu_90_60.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/ Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://cplemaire.net/lien/logo1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/ Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://www.choixdunet.fr/media/image/logo_cdn_200.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/ Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://www.cheval2000.com/cheval2000.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=88661&type=1&popinto=1&s=1 Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://www.grandturf.net/css/color-option2.css Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://www.grandturf.net/(Line 630) Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://www.rapidoweb.free.fr/images/topliens.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/(Line 630) Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://www.turfsur.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/(Line 630) Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://gagnant-au-pmu.com/web_images/gagnant-au-pmu_90_60.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/(Line 630) Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://cplemaire.net/lien/logo1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/(Line 630) Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://www.choixdunet.fr/media/image/logo_cdn_200.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.grandturf.net/(Line 630) Message: Mixed Content: The page at 'https://www.grandturf.net/' was loaded over HTTPS, but requested an insecure element 'http://www.cheval2000.com/cheval2000.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.choixdunet.fr/media/image/logo_cdn_200.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jpz36y62n8twzxrsqbd5x96wbnysx9kp039q4p8eyghq6fks1qq0ty2edc8d536zere64dmn85mdzh38fbhea05knec19xyhbd3adbcjdt195f4tjskd5t3kqakm10fc1zj27df34atns6hq56vbhwf6es4y5p6y8y40df1eswzkygbmbey3np3zhc9yyac3zx4s01k28ba21tpaj8d8dwqdhgc5stanpfv1tgwnb3jqptb1r45ghny7d9ryx39xj18p5f7dev5x7ffmxp8xchtk0v8jkye70tkbv5nkg6gzb4586cftfvryb2f440ynw0dv2xrqrxj01sana6y89rtj1nbbvp4126avgyd2ek7bkhkwm2yrjyzbg76zvrdprtzgexv0h2w4xefqrc0h51gq58g2svdqkdr9a3q0rc4y40jvsqxqbfyqa2yrqmyha0w2zvnsatg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%26client%3Dca-pub-6404002326578074%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1hxwmrzqhr4t58x1tm5qvnf7vt2an4a49b2b059xrnrekxp26hw87eh4kskk0y6zdf9tfkrmypsxdh8c0jcrj9hf22gbdfswhv2akd0kyd4hss8w6xpesc31n58sgddv4hfpsjzd2pjaf0f973t96j0cqyk3t8y8n2hvm8yt719x7txh49m55r7wknxxz4jm8q1yr2b2snqmn3cbe3d1pzsahnwzdh84f1s1tqz3y03nz2mjsph6qcq8kxgz5sb56z4b7r5fpyrpx2ewg26xg0xe0xcq6b5cx35r4g7r1e62ktjjkf3ns5fqmg9nq9jjade7jbhd6awqckqh9gw2rpv7fdrv45haseg28gnzfz4ppwjsnhh2fgvmjsh8fspasdx692yyq7hna08hmk0mtzg50agzrgyzd4yr0rrpb3sbxmn0753vchnvpn3vgqawa7y88gjfjvm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%26client%3Dca-pub-6404002326578074%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=29831e40dbd34a8d446a8a77ce91d077%2F13709206012508334614&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9yb09d90egfdz2h7hp8hcs9w6kfa612g6hepz8vn9m7yhmv0sqqevrg7f95sv6wx01qr8zype0wpcx189ga7131zv8j55rdmxx4tffg4dw69kfqhzfzxnbs54x48kre0rjcbd9a4vm720kbyak7949m1rjp29yjc9nb186nkvyw6akbhn15nbpmjxt3phec8k2wx175hsamqp4bpsp93a2hck88a3p59xk444sny6fjt5z508jt84tbed92hc1dszjrdmjsbmc68vx15vntwajfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAl4FbzS1ZMPAAtSn7wLdgLbAA5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTY0MDQwMDIzMjY1NzgwNzTIAQmpAk7MbFfT1rI-qAMByAMCqgTrAU_QaOo08QRpFpw3UNF_9jQ4AQer-DF-7fZoONYgf-Sods8SIutpWQUd_Nk3PV95FqSGys9o8hlRA0k_Ed9jHEV8U0nFhnjEKRhXcod6hI10vJCdJEIl_KrxOphQX_P6sNvMnUg01aI2SOQlp94uqu_Co9QOLZ58AZPtA0P-X8GEIDu7nf-jnqHY3YKfgoP7X0QfHo_tySqzazf_WrKJHCSv_6XDwfY45KLf1WLc7f1AogbK3cLxSUcRYRNU1lrTUxKp_nJqRmtHftx_az4gLdZpakw7OX45n93yExYnGQngAYMlboLP7xdx6TSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WwHRBdFsAOIqyrAhA0WQzS7U8AA%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=183975%2C175059%2C499334&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2CQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CXJ5UzfrfqKQWS6H4HetqtYx6SQSkT5VeSXZDe&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2C24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CeYdU3fVfxr47ajHZHet2CZeJhwSQTKrACYXpb&c=300&d=250&e=&g=ac4c379941008ad21a95a81ea8bf70a7%2F6485158474764828640&i=20597%2C65915%2C28103&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689597040059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8p0wsns7rwn6vdzyj4jwzqe0g1esxv36hwdghs1z2k5t4r5pdepda1v55f4hj1k0v5jhzj3f3qpp5nskn0gx1q8ryywm93y1vjgyvhjrqfgqbjje5x7ptnnznfxjk9zj3et269ktrj1qnjr4z47p670e0g4pgt5t0gpjbpxdqyd8hzvb8sg1bmjdk1mh9c4d1bzw6wv6qw02wzvfh3h9n37kt3hcs1aa1r22w83d7y6vc3xgvgnckqasq6008sfv86g2n60w3qtjxp51ech99k0c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtC2mbzS1ZJ7EAoKQ5LcPk7uukA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi02NDA0MDAyMzI2NTc4MDc0yAEJqQKyeu4-Vd2yPqgDAcgDAqoE6wFP0BcA8N62bD4AQwm161b12CPyFrF89kWujkq-EejcL9MQ_HJHc3b64P6CN4yUaTnUlpoJ2y-KAVd7FJunT03MzT5Ci5k45O7OFDRnGDQiY7jokGvT82jNY9KNzbeZPOmi1cJ7jBkDsfiEW_JizSbmlb6VC0FjRjPbxoJeOoGgDkjXonImYWkdnJe7p1os8GLtNZ_dgF4nhWlyUzLe8BQ83-rat6Y4fBnsPYwJHyXYiU-DCK_IWOTrbGbK4V7YUPRDRxLVYyLW24riCSlGSOariG2dBxmGL2NZlO60MOtkmcB88kkBxsdAxZoIgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3oYIUeLgvqwWs34VVQ3HmsgFA1fg%2526client%253Dca-pub-6404002326578074%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ad4m.at
adservice.google.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
cplemaire.net
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gagnant-au-pmu.com
googleads.g.doubleclick.net
img.root-top.com
ius.ctnsnet.com
logo.gralon.net
meilleurduweb.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
prod-rtb.ad4mat.net
r.turn.com
region1.google-analytics.com
static-de.ad4mat.net
static.gambling-affiliation.com
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
widgets.getsitecontrol.com
www.ajoutezvotresite.com
www.allosponsor.com
www.awin1.com
www.best-fr.com
www.canalturf.com
www.cheval2000.com
www.choixdunet.fr
www.classement.pro
www.gambling-affiliation.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.grandturf.net
www.meilleurduweb.com
www.rapidoweb.free.fr
www.turf-fr.com
www.turfsur.com
www.zone-turf.fr
x.bidswitch.net
www.allosponsor.com
www.rapidoweb.free.fr
104.102.35.84
104.102.45.165
142.250.186.130
151.101.66.49
173.225.100.28
178.250.7.11
18.155.129.96
18.169.161.72
18.66.147.52
18.66.97.18
185.103.141.178
185.176.40.222
185.29.132.241
193.37.145.64
194.146.226.159
2001:41d0:1008:1b95::1
2001:4860:4802:34::36
213.186.33.2
2400:52e0:1e00::1076:1
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700:3038::6815:ea1b
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a00:7ee0:1:0:3:102:0:275
2a02:fa8:8806:13::1400
3.10.237.144
35.186.193.173
35.204.74.118
37.157.6.233
46.105.249.221
46.105.249.222
46.228.164.11
51.91.236.193
52.58.212.116
54.37.56.116
91.121.110.88
91.198.105.122
98.98.134.243
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01975ad0a8a211800f8c0263e7f28f592fb4cbf904c204035d8331cc1dfd53ea
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
03b6dc57b5409764d2aa5520ff946a90da2a6b6c32b170f1f350b503cc4005ca
0730d4657116a89ac0f27b8878c74d1a074410933d6742e240d2ec1031841faa
09e1039e6ad71d4dd12ebec52bb739d192462249da709a1b27766d376f83b92c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
0f1eb94c66f8d3f865ffb420e463dbe23de46daa480e2313ca284e42a5cf7054
16a59550e64102cf0759a1a8fad173710a7fd9116a87bba42c4baae7b2a365df
17da04daf8905189935883c68c67739ee11dd7eafcfcceb1e66ed0dd29bd6dfe
18ac7fa3a1d70cf4d007655bb62dba10ba11a91394550443499608ae8710524d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1c9d28cd75f854886afe8de101404b9b8d0b5d52803910b57b6f24c8c03264e3
1fd4c882b277b1733f27be78e59f2318df771113cfc3981f4c4ad1b287238880
2020b560cf20d80970e31a53aa8869200bd0d172a6df95d15fa77af33510f011
209ab0f60c166bf286b93e888503c2c2c399d4936888a27a2b6f12e150661e9c
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
225162601e3c34983338a7a8a51618c7f4b34478563be87dae04a12e636c353c
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
25242296b18a150c54cc6be8b9400ffe472da53d8d5a975f11f2c54a585b43d8
25a7c2ff50210eab3974f5d56e1b46be0fb70c6b7db92229e9bf35137641e166
270e89af63a8fce509f53cb845165c2d2be251024d1cce7fa05f709081b12664
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
29fbac2ca97b945e65273877fa183aca2344ea2d0d00557cb8d896ad59fbf6ee
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30600877b16ce9344201b810c93dbafce6805b015e0db197df7bef6cbac030e0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a2f7a3198bd340466079fc3e22a36d2b1447a7fd72177cc6a5bb78a08b8b18
31b4235e4b23d8f123fdfaaab04eeb50c383b2accefca3dcc37d94accbdc4851
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3537ba09f3a62d0b6646b6455a3995112a0573d66e7767bffd4435890d26c7e7
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
404fe0a28ada73f929d978604c6538721cf12331bedfc4a484875b5dd3d322e0
40f230de2ab6aaeb1c0af22b30a4c6036ccd8dae7363ac58908993fb9b74d39f
421f1dd0dccf088fdba166a7d41b1d11b71074389b7a5ffc329c6f438a7321d1
42cfbd9f467e46a5e814dc36a10476d6c3ed4f1d6461882c4889de8d160da3cf
44e4a28b71fa99bc5d4220ec68ee2044c8c5824254b1c9d2a11add736f7ca6cd
45814f1905a66c9258f1bc70eb92be897e8835b46dee558691a54cb40064db94
4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
4879622d871597f08abd7431c087f31eadf30ed7a1c5f10ed6b7dfc1faea4fa4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f4ae01fcfe3a8b73fc1f4d4525d607b0c4372b514b921d620abe6306d56404
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe2a56a3392746e72d66169a9d5c2dc2a43814f015b53f2dbd3e05c0bb85a3e
51593d54890a2170db65d631a8fd30bf336121f9ad824d1dcf409c43fc406be3
51c59f06c12f218cb47767488c058197ddf375dadc2f1f3c6dd9db977b3b8a2e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56384af3fa259fc7fe398476fed8661e25a8ab8e06ac7c96ce565e381d0b90fd
58536e2a4e234dd59ec9c003197beb1ed8d26bd6af6144345c2c811d59faf0d0
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
5a3218e68d2157c0812d1bbe9b0323bd8c08c567441e58098aad4685baefb7b5
5b429ade88142a72a78e179b524632b1b5a72e6a2f0a497f134c176167e8e3e0
5bd427917573ec01a8402c07117fa32cad36b4db84321e5859ba7225f6f94012
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0
6ba68603fc009fe9595202627c232d60bb24f8842d08013b0a1806447172ced3
6c3eb1288b2e86b9eb3b6e4e8c55e7e5db5ce79f54e20749d96a07022492b9f7
6dc80ef72dbaa654bff29bff176d8fa881b6d87b508a432a6f467cae80b9a77f
6dd89d351610fc9576fc7347a3748e4af9733c1b980512391a71909aec075c32
6ded07b6588335f989145a20162274b99144a03b569863fc257198fc4fde6314
7159839ee5a3f86251db5cc4180f9c03b5f53bdf089adf64847abdae9a9f46d3
73a60fac0d7c3733fe6d3ac9ef1d0f9d04eeb5237996cfa78624d67dd0abb408
751c09432383403a96eed0559d397ec896546a9ea75d8503fc1864af3379ff0c
770f981d80f084f2d2271a8c751756449a11b5ccae8525459f6cb1d37ab89453
7854853821360fe40e77cfa2f4ad1b210ef81b81914f4a9e8a75bfe407d7ba5b
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
833d1cdd964ca2261a748ca48168f394eff2cc4af48dca884f7c6fb4a277f65d
8344e743b5471cd31791eb2afe2f6481bf9f7a6a7f91daf7ae1fa30c43aa5f6d
85346c55407f0447836033dd6cb44d90accba7533ed1ab646e7c750c1b1bcc33
8b7c556ac47cd35887108e0b5ab0b353c316b33830c345d45aa96d1291b6f05f
8bb0c3082fb502c022715b1fcce44f8099b69da24b6182b1ca94a81322e2cd94
8bbc480457940a3fdd6e4e71021056f947b3eea2b84a6686aba008c3a431e9cd
8bf737e01036d9d3bc2e752dd60074375fd11368ba1f94cda57a258ae6a323b2
8c86d8e19630fce6d91734cec5dc887a52909d9bfa3e5e90171536238e5852a2
8eb3393fdefbb4858cfd08a16826e254db919dd0b4778e72f5bb05b329212319
93f4f2e78870a1e1da1d5891afe1215857b0ba31124e06da83de52ac24f5eaa1
97a28ae68cc81fb5c061a3e15e3311aaa39ddbbc7e3289fbf35a2c8bcd29870b
97fa4e008f0ef6cca41f8e68d3d6942a43e96a2b3769a47fb28bd5d2a1b22b80
97fadd1dad99cc3a0826e954ee02a7c035aa4902b83b9306beaf6100acaf7d2e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd0ba76a6a64e852bd112aed04e200cb292cf92167b4ce097ae3bfe0e4d9a0e
9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9d0b84bc44aa63972cab1da29110bec5b7f9f11b81e66a7a8023a5b3d5efcfb1
9d7eab005f4e31417ef805f0cd01dc89230f75177e88c427c20b6cbb39204cd0
9fecbc2782fbfcd8dde271c8351a18cbbb38d216ce41293bcbcba317ac4ce5a8
a04173e5b26f8bf3091453a6595922820c45b7db9d0891b54a6eef7f50f2cfab
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1c21ce15fa88bb9908e133f0698132c766caeec2c4dda4ca7c0adf09f933e9a
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a36be1d1a71228a22884834595ab431e10c1384b4cdbbf600c45c76c0289e151
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
ab7a06cdce34d5913c5b3db7a1570e87f6b59ec8fd29780e06ec8f6bc45a3055
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b18b6fdefec474ff891e9244d50d189eeb40fcaad7720ec6953f51b407ed5a7f
b193abbbbf9d9deb34b76472a6009d6a615321e6f1a9a8f750584c2663612231
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b892c6d9e157522789e1d17b0f6906f0caad804432f16290b094c4a2de43b8a4
b96a472a5b9f0564ae6910712794a463bb6d4b88b37270f084d0f3b80fd0dd81
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bc155d5be919d0f7e5f20d8eb80dec6949a9aecf325971848c7375a6df179805
bcfc5ff664aefd9655eeed25e79426054df2ec19afe1fdb3936f560a74e21efa
bf47bc03c1c1ff93c041eb5a34e4c9471e4e64e0e0c672599f996fc7a972b119
bf576e9c26b9695deab4cf5e9e3c98a11827c53a1c84c8f2c429fcbd9eb7f477
bf9687b17cd209ce5915274a723855aa6d99a0f8a4e2f80786418f024ad74bca
c17e8678de2985b844159f5e42ffe4ad92e0b84e5aaa23bb12a558fb6e83a8aa
c1d0750b8b8eb37d85e4426f4c03be533467406d3f1deaf9b2fe0e2f38c2f770
c2a18a74f4d3abcc47f7f7bd6b3c5914be3ded2a29e50ef428f4f619d4b48d14
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c64bb7423772cf882de13effd5a01bfe77864ac60c217fb020d9da4486ed5a75
c6dbf07f81c3ff950a255dd738d854df5b43f72eb0b07ad5e95c3ed8ebc2325c
c7b51b192c60e9a6a8b9187ef89ac37f6ab24ab65719f552f93e133421eab391
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbfbb0f0416e4a3c39f84f96a6423fe59d94baf83530dc6ab202d535de5c9564
cf624f7aafb862c1b27b7ee25eabf4b30bc1a1988c46c5c08116bd7f6033cb1c
cf79ca07357134736bcd7e7d5182eaa509577ff4fea70d1b6fe0c418384f54bd
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d764a47f3253e810636677ffbb7657b000b5cb3e13358b3f18b51712d706c444
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df582ea9cfb2d41ecb074551a3d8787cb66f63a076b41b16cecb30c81411b5e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e569c5845cd53e6362ca2400126373379989ea0bd9431fdc51dde95686295c65
e584e05707bfaeefdcaab16c32e9ad2e810e979e84eda8081f150c32e4e14a81
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
ec159e0fe7edb7af30169b929c9c9302707beb70463ac14d7d806bdc58585066
f0d9db5390161cf9f92b3e3477facd030c03d3c2e9bb04114256e19e65d4fbb6
fd11626f81716f4102bc68392b7e1c2d065bb58012e2d19931d00e7ac3f0cf73
fd226b7c8b3e1ee6bcc7df8418312300cfe62dca99c238040cc514a0098d79a5
fe9181adaf44a80f1b82c9f92d2fe6d172fbafb643041411fdc23a8372142c7a

www.grandturf.net Open in urlscan Pro 185.176.40.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

246 Requests

93 %HTTPS

42 %IPv6

46 Domains

57 Subdomains

46 IPs

8 Countries

8484 kBTransfer

9895 kBSize

20 Cookies

50 Outgoing links

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.grandturf.net Open in urlscan Pro
185.176.40.222 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

93 %
HTTPS

42 %
IPv6

46
Domains

57
Subdomains

46
IPs

8
Countries

8484 kB
Transfer

9895 kB
Size

20
Cookies

246 HTTP transactions
2 data transactions