www.nitrohsu.com Open in urlscan Pro
82.156.12.180 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nitrohsu.com/
Effective URL:
https://www.nitrohsu.com/
Submission Tags: phishingrod
Submission: On February 26 via api (February 26th 2024, 2:10:01 pm UTC) from DE — Scanned from DE

Summary HTTP 36 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 36 HTTP transactions. The main IP is 82.156.12.180, located in China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is www.nitrohsu.com.
TLS certificate: Issued by R3 on February 26th 2024. Valid for: 3 months.

This is the only time www.nitrohsu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	82.156.12.180 82.156.12.180	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
36	14

6 82.156.12.180 (China) 1 redirects

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

nitrohsu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nitrohsu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	446 KB
6	nitrohsu.com 1 redirects nitrohsu.com www.nitrohsu.com	88 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	9 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2663 mts0.google.com — Cisco Umbrella Rank: 4198	255 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6553	408 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	89 KB
36	9

	Domain	Requested by
16	pagead2.googlesyndication.com	www.nitrohsu.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	www.nitrohsu.com	www.nitrohsu.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	mts0.google.com	pagead2.googlesyndication.com
1	www.gstatic.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	pagead2.googlesyndication.com
1	www.google.de	www.nitrohsu.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	code.jquery.com	www.nitrohsu.com
1	www.googletagmanager.com	www.nitrohsu.com
1	nitrohsu.com	1 redirects
36	14

This site contains links to these domains. Also see Links.

Domain
github.com
beian.miit.gov.cn

Subject Issuer	Validity	Valid
i.nitrohsu.com R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.nitrohsu.com/
Frame ID: A5093BA8846F5BA5DE294748B68F6464
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Frame ID: AFF69A4B1AB1D2743D3A6C7BF8F9A862
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&adk=1812271804&adf=3025194257&lmt=1708956597&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.nitrohsu.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596842&bpp=9&bdt=645&idt=228&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5080669901691&frm=20&pv=2&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: E5FF8147F1824E69503083BE6FC103EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
Frame ID: 612DF2237425E69F4FB500CD1E862CEA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html
Frame ID: A49DCDEDF1000BD43A382E3E59A456B4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js
Frame ID: 382483535C1401F69974552E5F83CE1A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E870B5D08183050D0649730D0F931E3F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nitro’s

Page URL History Show full URLs

https://nitrohsu.com/ HTTP 301
https://www.nitrohsu.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

100 %
HTTPS

92 %
IPv6

9
Domains

14
Subdomains

14
IPs

4
Countries

711 kB
Transfer

1900 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/nitrohsu
Title: Github

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 京ICP备16014945号-1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nitrohsu.com/ HTTP 301
https://www.nitrohsu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nitrohsu.com/
Redirect Chain

https://nitrohsu.com/
https://www.nitrohsu.com/

53 KB
18 KB

675ms
606ms

Document
text/html

82.156.12.180
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nitrohsu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.156.12.180 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: f85086236ab32bf911794300d039d83e016ae41cf61d772a04ac4b492cf710e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 26 Feb 2024 14:09:55 GMT
etag: W/"d2b4-HY0DdktcYJ/kc9M69mebwzMWFYk"
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express

Redirect headers

content-length: 178
content-type: text/html
date: Mon, 26 Feb 2024 14:09:55 GMT
location: https://www.nitrohsu.com/
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 screen.css
www.nitrohsu.com/assets/built/ 33 KB
33 KB 533ms
533ms Stylesheet
text/css 82.156.12.180
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nitrohsu.com/assets/built/screen.css?v=32e4a3871a
Requested by: Host: www.nitrohsu.com
URL: https://www.nitrohsu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.156.12.180 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 81e86c776615fa4acc3ee545fd29aa977eb9488b808c11aef0cd2702681b3ae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:56 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"837c-7438674ba0"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 33660

GET
H2 200 cards.min.js Show response
www.nitrohsu.com/public/ 7 KB
7 KB 532ms
532ms Script
application/javascript 82.156.12.180
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nitrohsu.com/public/cards.min.js?v=32e4a3871a
Requested by: Host: www.nitrohsu.com
URL: https://www.nitrohsu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.156.12.180 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:56 GMT
cache-control: public, max-age=31536000
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
content-length: 7400
etag: "9e5964261251e02cc1d6dfb44e28481f"
content-type: application/javascript

GET
H2 200 cards.min.css
www.nitrohsu.com/public/ 25 KB
26 KB 272ms
271ms Stylesheet
text/css 82.156.12.180
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nitrohsu.com/public/cards.min.css?v=32e4a3871a
Requested by: Host: www.nitrohsu.com
URL: https://www.nitrohsu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.156.12.180 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: c999512e6410949c727b70e0afca6edc42b2d34936cd9afbb1b600fb3f5c54cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:56 GMT
cache-control: public, max-age=31536000
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
content-length: 26089
etag: "b9318467f6388557fe2bae29d33a119e"
content-type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
89 KB 50ms
27ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-134Y62YWDJ

Requested by

Host: www.nitrohsu.com
URL: https://www.nitrohsu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a09f8bdd2709cff4842cf73afcaadb9945edb16276e1589cbf8626839770ba7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90528
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Feb 2024 14:09:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 80ms
57ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4462632621303108

Requested by

Host: www.nitrohsu.com
URL: https://www.nitrohsu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407812cde501f583bdaaf77445c27e8e767d22cc14bdcc2b83edf488afebfbbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nitrohsu.com/
Origin: https://www.nitrohsu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51438
x-xss-protection: 0
server: cafe
etag: 4344385760243408894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 26 Feb 2024 14:09:56 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 44ms
12ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.nitrohsu.com
URL: https://www.nitrohsu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.nitrohsu.com/
Origin: https://www.nitrohsu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10501908
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga13628-LGA, cache-fra-eddf8230109-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1708956596.232593,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 1283532

GET
H2 200 casper.js Show response
www.nitrohsu.com/assets/built/ 3 KB
3 KB 534ms
533ms Script
application/javascript 82.156.12.180
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nitrohsu.com/assets/built/casper.js?v=32e4a3871a
Requested by: Host: www.nitrohsu.com
URL: https://www.nitrohsu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.156.12.180 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 7d84a602ad6c5d43d9ee47fbd3da0b8046b9f0d90ceb4badf953502699dbd748

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:56 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"b32-7438674ba0"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2866

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 72ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-134Y62YWDJ&gtm=45je42l0v885211663za220&_p=1708956596735&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=13430897.1708956597&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708956596&sct=1&seg=0&dl=https%3A%2F%2Fwww.nitrohsu.com%2F&dt=Nitro%E2%80%99s&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2756
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-134Y62YWDJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 14:09:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nitrohsu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 82ms
20ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-134Y62YWDJ&cid=13430897.1708956597&gtm=45je42l0v885211663za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-134Y62YWDJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 14:09:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nitrohsu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 100ms
43ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-134Y62YWDJ&cid=13430897.1708956597&gtm=45je42l0v885211663za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=2069265904

Requested by

Host: www.nitrohsu.com
URL: https://www.nitrohsu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 14:09:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 408 KB
138 KB 129ms
82ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4462632621303108&plah=www.nitrohsu.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4462632621303108

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a0f71d2998da7a682f608618012c0f213d61ae0f8a6211ddc005ffaec2baa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141575
x-xss-protection: 0
server: cafe
etag: 328020331777741282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 14:09:56 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame AFF6 9 KB
5 KB 47ms
8ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4462632621303108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nitrohsu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 19:42:06 GMT
etag: 3890843268177463596
expires: Sun, 10 Mar 2024 19:42:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame E5FF 74 KB
17 KB 422ms
422ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&adk=1812271804&adf=3025194257&lmt=1708956597&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.nitrohsu.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596842&bpp=9&bdt=645&idt=228&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5080669901691&frm=20&pv=2&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4462632621303108&plah=www.nitrohsu.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1844ca49b4325010205dc12f7fa55c11d02f025bec6a7ca4ca1474364390bde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nitrohsu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17580
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 14:09:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 612D 157 KB
45 KB 476ms
475ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d94f29f1542bc9634bd6dfff533762439475beb061a7ec6bb2a16e20da43a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nitrohsu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46495
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 14:09:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 166 KB
56 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1997dda7753c23ff8af42d56d44d0bd643457d94b9fe23a3935a677e0f3be409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57364
x-xss-protection: 0
server: cafe
etag: 5686982821713906629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 14:09:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 612D 4 KB
1 KB 49ms
23ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 14:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 13:08:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 14:09:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 612D 2 KB
822 B 11ms
11ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 23:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 23:21:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 612D 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 10:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 10:39:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 612D 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 10:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 10:39:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 612D 20 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 23:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 23:21:01 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 612D 204 KB
61 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 13:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 14:39:55 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 612D 36 KB
15 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:44:04 GMT

GET
H2 400 data=bjHVoUJJ76jVE5kFEGncGrv7t5zgvwq74ZIIfu-mGq_x1Ira7UqOL-3r9RtR9-30iDTSgcSppl02c2TNui8ScQ
mts0.google.com/vt/ Frame 612D 0
0 100ms
40ms Image
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=bjHVoUJJ76jVE5kFEGncGrv7t5zgvwq74ZIIfu-mGq_x1Ira7UqOL-3r9RtR9-30iDTSgcSppl02c2TNui8ScQ
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 612D 717 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acaf2138632b2993283199d983b995103ff02b5ab84871e367e5be21fa639345

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 612D 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35c78871894bdf56d26d6b421d8768e9db82802c9cf68d2cc6007b4e7301a5e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 612D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a52db3d7b66610660823ee5a8945bd702b7f9b99c26b26c9a6f77e8d3c3356c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame A49D 9 KB
4 KB 12ms
12ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nitrohsu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 19:12:39 GMT
etag: 3890843268177463596
expires: Sun, 10 Mar 2024 19:12:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 612D 16 KB
16 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:46:32 GMT
x-content-type-options: nosniff
age: 455005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:46:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 612D 15 KB
15 KB 33ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:34:45 GMT
x-content-type-options: nosniff
age: 455712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:34:45 GMT

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 612D 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=CTY1jtZvcZeOPCu31xtYP7KSj-ATnzq_8dcamtoGtEoiI9drWARABIPns8x1glYKggrAHoAH40PaaA8gBCakCcyB-4bonsj6oAwHIA8sEqgTvAU_QnoLqIcY5X-NvUfKdzI7G9Xdj2TRRTy4uB3PtJ2_dy0WC99JPOHUaacnz-lH0FxRqERP-ke7PsTKHQocul5vvkfgrPVtGCSk80O0u2GTkNEcmjGD_UTOyuPIY5ava8GitPfKzzvoichTLG205fFnGemgQSEmisyQXkxIysLavtqWVxZ0icqmMcSQ1-9PyWqvXB7lroTJT8OqH_OxPQ_Nkoavy1I_JE3YbkigzFW2o9Is74l1csbgi2X9yBHw1cOco234PYzlo2LA_rZG1EsC04vTcPJmhPTa-xxS_esrmxbrgQLXa889Lsi0AMXl5wATw4f3u0QSIBcTk06xOkgUECAQYAZIFBAgFGASgBi6AB_CuiWWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHBBDkhwfSCCgIkeGAcBABGB8yBeuLgIAgOggAgICAgICUCEi9_cE6WPGOobeXyYQDmgkcaHR0cDovL3d3dy5zY2hyb3R0LWtvZWxuLmRlL4AKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItNDQ2MjYzMjYyMTMwMzEwOBgA&sigh=bxbqJyKbAeQ&uach_m=%5BUACH%5D&ase=2&template_id=520&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 26 Feb 2024 14:09:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
52ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3443f4dadfe8711f8d726ed901d2e677f37f993ff2b68f942f1f61155ea9556c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12324
x-xss-protection: 0

GET
H3 200 8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3824 50 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 516429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19817
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:42:48 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 14:09:57 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E870 13 KB
5 KB 17ms
17ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nitrohsu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 07:05:40 GMT
expires: Tue, 25 Feb 2025 07:05:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame E870 39 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 05:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Feb 2025 05:31:16 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E870 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4qH7fA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:09:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
49ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=3988262354802598&bg=!wsGlwY7NAAZ3BdUuVwU7ADQBe5WfOGfRto3B4NMfx_B972nB-HTmcDJvt05Q0vBhcxiaB9imzXFlqTCzfTakDaZiHnI7AgAAADhSAAAAAWgBB5kC-YOFlBxUh7PLOAGK6ysSfQpN2KJ7y5zZJRuMv38oGhl-gsLWusXbwEnsuxr4KngYA6NndmyXHKMWZ4VPf5MT0VPLJjYTLPQVsbr9LNxCWOA7Eu6saZDlLzcOa3gz7YcDqrWcgjZrLb-yRYWXUlq52nWXrC5OTLGyNw5PKLyQM5uTqxww3qeAEhNLJGWS1n_Kkq_QsKldUlKEvSZ5HPiuPLmdw4wcxoGYN12iYfJKwRfe747h5xND1RdceQw2os1D-dnnzK0lfQl3t2_xgAX8FwrMh1c5mIy_ZnpxrytuyIT6eTlkmV3OiEB74d_SWz55yx6jNca1MUV3ZUKkI7bjL9dwVJ6WtK4vvJxbCzh97ZjraO-eJP-gESRdG53ZgU8Y-VQvwQ6Sv8I-kEQDT-30jKE7nl9I3lYPmwzEatMuOva4Jcx7YHQZxQodaKJjoXnImwoHHEZdZueDxYipz1_xLyhZQcSvRV9MdrEH_-hYIFT-XKEyhghxNzcEv0ta_wcRNDN9w-THKxblVAO43mJVkyvcn7y7VdoHdIYeakz348dvyPoWr4dv2kjRAYatTvfoTpU5qgjzs7O4HnWf-et7Q8UC0Nc37X7mL49PChLRj-S2y-p_Cc4j9ipvWh0FEfYz5avHjEAh3L9kzBXMP4s96nsVfhUzqCE-N5egCYQZdfsTP_ghFvTWHVZysWZmJXxpFL-tT7SB9vpy7TW3_0tTriT7Vn7vJ2zPP0Pa6pZQpCff4hAWR7we5gh5VdzFBf6ukDHr_rH0VSQkOIHm5DG1EjgQp4SBv2vh48MzV49OPWJ_b3YvN_bW97N5LOsTRs69YNOHblarjdMWN_FxLndRX5Vdu38Ld2xUf8fN9PCIktlhvSr7EMH73ftZX76WpOKqx8wj_zDDgbdVlxwQ8ygzSNmKSmzneVY2ZKJGyTd3vexKgZqn2ci6J8VL3MbVvMMUJBQDVSRzgwilnTnYRRyxtsgrfmYOhrSQOYIVXT0KlvYnrAh0wwG3Y-dm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nitrohsu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 612D 42 B
66 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBD-zP2sNeN3J0rr0QazPMfcpi_oVcljYWab37vKH4YizktBAQcnQwMUnxm-YtJ1zKXWC4AuuDjO9PlT9mSMwzYCtNDxRktu13DpEmHF0W3CX87UUwvNDaA5vzZ_pIoBBO6Ky1BV6hf5ZjCC9EXlM1ryfUTk2KPGtCejFM&sig=Cg0ArKJSzAIqxm96B211EAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=488939700&rst=1708956597094&rpt=596&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4462632621303108&output=html&h=280&adk=1213588912&adf=2689116385&pi=t.aa~a.1596147121~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708956597&rafmt=1&to=qs&pwprc=4711514695&format=1200x280&url=https%3A%2F%2Fwww.nitrohsu.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708956596851&bpp=1&bdt=654&idt=241&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5080669901691&frm=20&pv=1&ga_vid=13430897.1708956597&ga_sid=1708956597&ga_hid=357096919&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31081082%2C31081153%2C44795922%2C95325067%2C95326316%2C95322195%2C31081085%2C95321868%2C95324155%2C95324160&oid=2&pvsid=3988262354802598&tmod=1625804329&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 14:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nitrohsu.com/	1970-01-21 04:18:36	Name: _ga_134Y62YWDJ Value: GS1.1.1708956596.1.0.1708956596.60.0.0
.nitrohsu.com/	1970-01-21 04:18:36	Name: _ga Value: GA1.1.13430897.1708956597
.nitrohsu.com/	1970-01-20 23:01:48	Name: __eoi Value: ID=5c783306456f2ea4:T=1708956597:RT=1708956597:S=AA-AfjYp25Z-p8JHtGW6Vj6UYKPE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=bjHVoUJJ76jVE5kFEGncGrv7t5zgvwq74ZIIfu-mGq_x1Ira7UqOL-3r9RtR9-30iDTSgcSppl02c2TNui8ScQ Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mts0.google.com
nitrohsu.com
pagead2.googlesyndication.com
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.nitrohsu.com
2001:4860:4802:34::36
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a04:4e42:400::649
82.156.12.180
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
1844ca49b4325010205dc12f7fa55c11d02f025bec6a7ca4ca1474364390bde1
1997dda7753c23ff8af42d56d44d0bd643457d94b9fe23a3935a677e0f3be409
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
2d94f29f1542bc9634bd6dfff533762439475beb061a7ec6bb2a16e20da43a8c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3443f4dadfe8711f8d726ed901d2e677f37f993ff2b68f942f1f61155ea9556c
35c78871894bdf56d26d6b421d8768e9db82802c9cf68d2cc6007b4e7301a5e5
407812cde501f583bdaaf77445c27e8e767d22cc14bdcc2b83edf488afebfbbe
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0
7d84a602ad6c5d43d9ee47fbd3da0b8046b9f0d90ceb4badf953502699dbd748
81e86c776615fa4acc3ee545fd29aa977eb9488b808c11aef0cd2702681b3ae5
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a09f8bdd2709cff4842cf73afcaadb9945edb16276e1589cbf8626839770ba7b
a52db3d7b66610660823ee5a8945bd702b7f9b99c26b26c9a6f77e8d3c3356c2
acaf2138632b2993283199d983b995103ff02b5ab84871e367e5be21fa639345
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c3a0f71d2998da7a682f608618012c0f213d61ae0f8a6211ddc005ffaec2baa7
c999512e6410949c727b70e0afca6edc42b2d34936cd9afbb1b600fb3f5c54cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f85086236ab32bf911794300d039d83e016ae41cf61d772a04ac4b492cf710e1

www.nitrohsu.com Open in urlscan Pro 82.156.12.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

100 %HTTPS

92 %IPv6

9 Domains

14 Subdomains

14 IPs

4 Countries

711 kBTransfer

1900 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nitrohsu.com Open in urlscan Pro
82.156.12.180 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

92 %
IPv6

9
Domains

14
Subdomains

14
IPs

4
Countries

711 kB
Transfer

1900 kB
Size

3
Cookies

36 HTTP transactions
3 data transactions