webtreasurehunter.com Open in urlscan Pro
35.208.67.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ur.wetnhorny.com/4thofjulytreadmillsale442244
Effective URL:
https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Submission: On September 19 via manual (September 19th 2022, 2:58:09 pm UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 21 domains to perform 70 HTTP transactions. The main IP is 35.208.67.40, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is webtreasurehunter.com.
TLS certificate: Issued by R3 on August 11th 2022. Valid for: 3 months.

This is the only time webtreasurehunter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a01:4f8:d0a:... 2a01:4f8:d0a:281b::2	24940 (HETZNER-AS) (HETZNER-AS)
3	84.80.32.175 84.80.32.175	1136 (KPN KPN N...) (KPN KPN National)
8	35.208.67.40 35.208.67.40	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e0:... 2606:4700:e0::ac40:6720	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
70	23

1 2a01:4f8:d0a:281b::2 (Germany)

ASN24940 (HETZNER-AS, DE)

ur.wetnhorny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.80.32.175 (Sint Nicolaasga, Netherlands)

ASN1136 (KPN KPN National, NL)
PTR: 84-80-32-175.fixed.kpn.net

evertkok.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.208.67.40 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 40.67.208.35.bc.googleusercontent.com

webtreasurehunter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:6720 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.239.111 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	328 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	223 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	45 KB
8	webtreasurehunter.com webtreasurehunter.com	174 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 884	142 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	evertkok.nl evertkok.nl	55 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	120 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	512 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505	351 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	98 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 638	814 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1020	463 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9081	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	657 B
1	wetnhorny.com ur.wetnhorny.com	890 B
70	21

	Domain	Requested by
11	fonts.gstatic.com	webtreasurehunter.com fonts.googleapis.com
10	pagead2.googlesyndication.com	webtreasurehunter.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	webtreasurehunter.com	webtreasurehunter.com
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	use.fontawesome.com	webtreasurehunter.com use.fontawesome.com
3	evertkok.nl	ur.wetnhorny.com evertkok.nl
2	ssum-sec.casalemedia.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	webtreasurehunter.com www.googletagmanager.com
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ur.wetnhorny.com
70	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
ur.wetnhorny.com R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
*.webtreasurehunter.com R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Frame ID: 07237A9A4DB1CE78F0DFCD21253B563D
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: 11005B25CCA9E570538204EE1C82A2D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&adk=1812271804&adf=3025194257&lmt=1663599486&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486012&bpp=48&bdt=277&idt=270&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7607244488661&frm=20&pv=2&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=292
Frame ID: 40239F056C84198A5544A3D3604E97E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.161032848~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663599486&rafmt=1&to=qs&pwprc=8091458131&psa=0&format=1200x280&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486641&bpp=3&bdt=906&idt=3&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd6af4dc5541c8f8e-2272658225ce002a%3AT%3D1663599478%3ART%3D1663599478%3AS%3DALNI_MbNKfmGkCMaqPHyMR9CVTWY2JkUHw&prev_fmts=0x0&nras=2&correlator=7607244488661&frm=20&pv=1&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1DdLrTWoFQ&p=https%3A//webtreasurehunter.com&dtd=16
Frame ID: B006F2B6BE74528300B9C8A864FAFA4E
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F94A474EADF234B565A9D054F4B44954
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 308FB6C404F93A055027669B1214B469
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 553C8018D797DFDFB9B2979EFB40C995
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D6B97FB45BDBF27147B61B6A719DE117
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How to Lose Weight on a Treadmill in a Month

Page URL History Show full URLs

https://ur.wetnhorny.com/4thofjulytreadmillsale442244 Page URL
http://evertkok.nl/informatica/php/test2.php?a[]=%3Ca+href=https://webtreasurehunter.com/how-to... Page URL
https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

91 %
HTTPS

64 %
IPv6

21
Domains

26
Subdomains

23
IPs

5
Countries

1156 kB
Transfer

2644 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=How%20to%20Lose%20Weight%20on%20a%20Treadmill%20in%20a%20Month%20--%20https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ur.wetnhorny.com/4thofjulytreadmillsale442244 Page URL
http://evertkok.nl/informatica/php/test2.php?a[]=%3Ca+href=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/%3Etreadmill+with+weights%3C/a%3E%3Cmeta+http-equiv=refresh+content=0;url=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/+/%3E Page URL
https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://d.agkn.com/pixel/2175/?google_gid=CAESEEfdbTQdBu1Y63FuwGBrwQ8&google_cver=1&google_push=AZmPxg8RfHO6-YtoTyL3zDVgQZUhv4i-pfmYRy1QgA3OJMA95EI2RTjgM8jV5i-T5LMrHWCqFJ-DpS5pWPoQViXPySqSk5czU1aXNhk0FUZ8Sh4mAlSweVb6DMsPXofcOiZ73w0eTFvTbf0Cked0pxYo8HM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8RfHO6-YtoTyL3zDVgQZUhv4i-pfmYRy1QgA3OJMA95EI2RTjgM8jV5i-T5LMrHWCqFJ-DpS5pWPoQViXPySqSk5czU1aXNhk0FUZ8Sh4mAlSweVb6DMsPXofcOiZ73w0eTFvTbf0Cked0pxYo8HM&google_hm=Q0FFU0VFZmRiVFFkQnUxWTYzRnV3R0Jyd1E4

Request Chain 61

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFqk1X8FiAwMLOyF_cjPhYI&google_cver=1&google_push=AZmPxg-RCwlpDaNMeSSzLY3h__A8xSSsqdNBRbZ5yNAEqlWQy4lZE6SsHfaJo0kno6A4P85xDE6Umt4bKZ2ogcVuirj3hC46sN8NkLFTyIT3-GEXNKPmkRfqE54rRkuP9BI5TJAtdJ_hU7JLBclLgiEPLMk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg4VzZFNTctRi01QU5T&google_push=AZmPxg-RCwlpDaNMeSSzLY3h__A8xSSsqdNBRbZ5yNAEqlWQy4lZE6SsHfaJo0kno6A4P85xDE6Umt4bKZ2ogcVuirj3hC46sN8NkLFTyIT3-GEXNKPmkRfqE54rRkuP9BI5TJAtdJ_hU7JLBclLgiEPLMk

Request Chain 62

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED3uNAZfakPzWrm8Co9fClA&google_cver=1&google_push=AZmPxg83r4RXAOLHJMinGXsWtgwR0lfWggqmC0eDQHp-7Sl65EW_onGkk6EYgnYWkVsAOsFIQOj6oc6KU0gOHjTE-MT2NiiqDQ0KuwgsddSdHWdiub9O-nuqy3V8ykkNhydB0s4rCW-VKREr3XS7GL5BcCs HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED3uNAZfakPzWrm8Co9fClA&google_push=AZmPxg83r4RXAOLHJMinGXsWtgwR0lfWggqmC0eDQHp-7Sl65EW_onGkk6EYgnYWkVsAOsFIQOj6oc6KU0gOHjTE-MT2NiiqDQ0KuwgsddSdHWdiub9O-nuqy3V8ykkNhydB0s4rCW-VKREr3XS7GL5BcCs&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED3uNAZfakPzWrm8Co9fClA&google_hm=YyiDeO75yC5LFZcWYvahRgAABIsAAAAB&google_nid=index&google_push=AZmPxg83r4RXAOLHJMinGXsWtgwR0lfWggqmC0eDQHp-7Sl65EW_onGkk6EYgnYWkVsAOsFIQOj6oc6KU0gOHjTE-MT2NiiqDQ0KuwgsddSdHWdiub9O-nuqy3V8ykkNhydB0s4rCW-VKREr3XS7GL5BcCs

70 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 4thofjulytreadmillsale442244
ur.wetnhorny.com/ 800 B
890 B 135ms
48ms Document
text/html 2a01:4f8:d0a:281b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ur.wetnhorny.com/4thofjulytreadmillsale442244
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:281b::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 14:57:56 GMT
server: Apache
x-robots-tag: noindex

GET
H/1.1 200
OK test2.php
evertkok.nl/informatica/php/ 47 KB
48 KB 460ms
54ms Document
text/html 84.80.32.175
KPN KPN National

General

Check archive.org

Show headers Download Go to

Full URL: http://evertkok.nl/informatica/php/test2.php?a[]=%3Ca+href=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/%3Etreadmill+with+weights%3C/a%3E%3Cmeta+http-equiv=refresh+content=0;url=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/+/%3E
Requested by: Host: ur.wetnhorny.com
URL: https://ur.wetnhorny.com/4thofjulytreadmillsale442244
Protocol: HTTP/1.1
Server: 84.80.32.175 Sint Nicolaasga, Netherlands, ASN1136 (KPN KPN National, NL),
Reverse DNS: 84-80-32-175.fixed.kpn.net
Software: Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7d PHP/5.0.2 / PHP/5.0.2
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1
Date: Mon, 19 Sep 2022 14:57:49 GMT
Keep-Alive: timeout=15, max=100
Server: Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7d PHP/5.0.2
Transfer-Encoding: chunked
X-Powered-By: PHP/5.0.2

GET
H/1.1 200
OK test2.php
evertkok.nl/informatica/php/ 5 KB
5 KB 185ms
51ms Image
image/gif 84.80.32.175
KPN KPN National

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evertkok.nl/informatica/php/test2.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
Requested by: Host: evertkok.nl
URL: http://evertkok.nl/informatica/php/test2.php?a[]=%3Ca+href=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/%3Etreadmill+with+weights%3C/a%3E%3Cmeta+http-equiv=refresh+content=0;url=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/+/%3E
Protocol: HTTP/1.1
Server: 84.80.32.175 Sint Nicolaasga, Netherlands, ASN1136 (KPN KPN National, NL),
Reverse DNS: 84-80-32-175.fixed.kpn.net
Software: Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7d PHP/5.0.2 / PHP/5.0.2
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://evertkok.nl/informatica/php/test2.php?a[]=%3Ca+href=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/%3Etreadmill+with+weights%3C/a%3E%3Cmeta+http-equiv=refresh+content=0;url=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/+/%3E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 14:57:49 GMT
Server: Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7d PHP/5.0.2
Connection: Keep-Alive
X-Powered-By: PHP/5.0.2
Content-Length: 4644
Keep-Alive: timeout=15, max=100
Content-Type: image/gif

GET
H/1.1 200
OK test2.php
evertkok.nl/informatica/php/ 2 KB
2 KB 182ms
51ms Image
image/gif 84.80.32.175
KPN KPN National

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evertkok.nl/informatica/php/test2.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
Requested by: Host: evertkok.nl
URL: http://evertkok.nl/informatica/php/test2.php?a[]=%3Ca+href=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/%3Etreadmill+with+weights%3C/a%3E%3Cmeta+http-equiv=refresh+content=0;url=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/+/%3E
Protocol: HTTP/1.1
Server: 84.80.32.175 Sint Nicolaasga, Netherlands, ASN1136 (KPN KPN National, NL),
Reverse DNS: 84-80-32-175.fixed.kpn.net
Software: Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7d PHP/5.0.2 / PHP/5.0.2
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://evertkok.nl/informatica/php/test2.php?a[]=%3Ca+href=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/%3Etreadmill+with+weights%3C/a%3E%3Cmeta+http-equiv=refresh+content=0;url=https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/+/%3E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 14:57:49 GMT
Server: Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7d PHP/5.0.2
Connection: Keep-Alive
X-Powered-By: PHP/5.0.2
Content-Length: 2146
Keep-Alive: timeout=15, max=99
Content-Type: image/gif

GET
H2 200 Primary Request / Show response
webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/ 47 KB
11 KB 926ms
286ms Document
text/html 35.208.67.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.208.67.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

40.67.208.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

8e6025381e4f3c011378c6a2a31b0e4bdb2d32c105699de148d1957d2ea2c218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://evertkok.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 14:57:57 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://webtreasurehunter.com/wp-json/>; rel="https://api.w.org/" <https://webtreasurehunter.com/wp-json/wp/v2/posts/1777>; rel="alternate"; type="application/json" <https://webtreasurehunter.com/?p=1777>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache-enabled: True
x-content-type-options: nosniff
x-httpd-modphp: 1
x-proxy-cache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
57 KB 211ms
123ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f59336c070680ef838810aa8f84b4fab27054ef3e73c6f0d80a8481b1bb90ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58266
x-xss-protection: 0
server: cafe
etag: 1670244733349952504
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 14:57:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
57 KB 194ms
108ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8024859639799489

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98dde6abbca06484dee00e454a91ac43a57ca8bf15744afdff8c0a9e47678c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58246
x-xss-protection: 0
server: cafe
etag: 13352196197549950588
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 14:57:58 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v25/ 13 KB
13 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a939a2ce3367797eabc0b360139c5a3f3a2fd0787768370e25f6fc457820b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 13:07:50 GMT
x-content-type-options: nosniff
age: 525008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 13 Sep 2023 13:07:50 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 516ms
430ms Font
font/woff2 2606:4700:e0::ac40:6720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GEHX05J9NKY1NRA7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59572
x-amz-id-2: 29P/JDsGWOCm7fQlH1Qs7L1uoDk3NjYU89MU0rr9azqS4X0ozbAbVW0gutN1Gllo+wQ/iugGrJ+5oyV9m/MIfQ==
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXWIohQ49DYYDwN8PUGRPH0YEAg0cjPOr05EGxuLVCV82alKL9wWEGFEHvmet1ctX%2BE%2F6dAj%2B0HpHF011T6tv2%2BSAKEoIgO%2B2PzxO3vr837vKd7d0pbo6yECqn7lUz7xOmPJKcPXX39nmFaTYh4hQPNu"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 74d32d432aafbbeb-FRA

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v18/ 14 KB
14 KB 163ms
77ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

430f110b314a582b55dd6853c36759df601baa2c608a029fcb3f427c4719f73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 17:55:22 GMT
x-content-type-options: nosniff
age: 594156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14116
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 17:55:22 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v25/ 12 KB
13 KB 174ms
88ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

281905b270a376d79a0f1e85e153e021058f24a49803f57ec3fc5017bddbcb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 19:41:27 GMT
x-content-type-options: nosniff
age: 501391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12772
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 13 Sep 2023 19:41:27 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v25/ 12 KB
12 KB 133ms
47ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b225aad13de22050b2faef4623b904dde1a961803bf662b2f9b6f03135b7041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 05:28:58 GMT
x-content-type-options: nosniff
age: 552540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 05:28:58 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 559ms
474ms Font
text/css 2606:4700:e0::ac40:6720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GEHQ76YXRGG7H3J3
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /iivyb54BuknoKo0WVJ9ARWSQu7uSqhzpjogHqh3L23gs8Mzq76gK0zIBCy+fVySIbOUD4Ro6sgMF1H3ac/9Og==
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhLJKR%2FIDvYV7Q2Sp6wtofZMjyfHtMqfgcf0eF6JYn3oA74bbv3AUsVSCCiVQAh1JvCl%2F37nnIFnAJ%2BMfsS2p498OaAblEEzRhtI%2FF%2B12yK9HX9oUfDIs5vh4bmuI2mYbNl6RYeOwqSKq%2FmslGqLXQcR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 74d32d432ab0bbeb-FRA

GET
H2 200 siteground-optimizer-combined-css-f5c42ad9eb8c93df299e5b782715b229.css
webtreasurehunter.com/wp-content/uploads/siteground-optimizer-assets/ 148 KB
21 KB 159ms
158ms Stylesheet
text/css 35.208.67.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://webtreasurehunter.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-f5c42ad9eb8c93df299e5b782715b229.css
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.67.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.67.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b673e0b8b64b0ef91da50c8f60447bcee3e2fe93e39092261cb6f9e20c7147a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: br
last-modified: Sun, 24 Jul 2022 07:40:29 GMT
server: nginx
etag: W/"62dcf76d-24f73"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 19 Sep 2023 14:57:58 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 131ms
46ms Stylesheet
text/css 2606:4700:e0::ac40:6720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css?ver=6.0.2
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1711513
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 68Z1PYFMRDH4VF24
x-amz-id-2: WSDUnFU/aPbkw4CxX0PSZbED3eypqtxy3WJ7Ba/UDfPcopa0mfcdVt70z3kPyzycGjftQ3/rNoc=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaws2%2B7o1xL7%2BEUgGXIQ0i1z1ntksjbu3TsHft3I6j4tzkmVi2dpucE%2FInPmX0sdwCIFiojHXKbqUODWI5H14QXq6JXUfX1Xzje2WPo9cvFC9TE%2BSUGpN7Z%2BJTfiq6XOeBOQHXZzg%2BfXprBgxRqv%2BBjx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 74d32d431fd8bb9d-FRA

GET
H2 200 jquery.min.js Show response
webtreasurehunter.com/wp-includes/js/jquery/ 87 KB
30 KB 302ms
301ms Script
application/javascript 35.208.67.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://webtreasurehunter.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.67.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.67.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 14:36:11 GMT
server: nginx
etag: W/"612f8fdb-15db1"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 19 Sep 2023 14:57:58 GMT

GET
H2 200 wp-polyfill.min.js Show response
webtreasurehunter.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 303ms
302ms Script
application/javascript 35.208.67.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://webtreasurehunter.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.67.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.67.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: br
last-modified: Sat, 28 May 2022 09:22:22 GMT
server: nginx
etag: W/"6291e9ce-4ac6"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 19 Sep 2023 14:57:58 GMT

GET
H2 200 siteground-optimizer-combined-js-ebd3eafecf03a862224dd74a5d5bdee9.js Show response
webtreasurehunter.com/wp-content/uploads/siteground-optimizer-assets/ 169 KB
53 KB 159ms
158ms Script
application/javascript 35.208.67.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://webtreasurehunter.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-ebd3eafecf03a862224dd74a5d5bdee9.js
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.67.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.67.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2e4b6f7a3962283520390560afbfc2e1c19875a12d3ec559b9cfc69bf65d844e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: br
last-modified: Wed, 31 Aug 2022 09:29:28 GMT
server: nginx
etag: W/"630f29f8-2a3df"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 19 Sep 2023 14:57:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
46 KB 138ms
52ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RPHH9C

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aeeb99313bb36bf11369ffc51413bee5be02cd16e56436aa833b8b1beb423d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47024
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 14:57:58 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8024859639799489&plah=webtreasurehunter.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8024859639799489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09ad5608bc9cac00f0e3ab4d3a890315bfffbfb4a6e9186dd3ea8eadd14a1985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124739
x-xss-protection: 0
server: cafe
etag: 3295160821262730233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 14:57:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame 1100 10 KB
5 KB 126ms
37ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8024859639799489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 18:38:18 GMT
etag: 9671129459699598864
expires: Sun, 02 Oct 2022 18:38:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZJ.ttf
fonts.gstatic.com/s/merriweather/v30/ 41 KB
25 KB 40ms
38ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZJ.ttf

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dec1097fab20801430f93e77b1559e7258041ee57150faf8a827c6df3358c918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 08:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25033
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 08:36:03 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-c.ttf
fonts.gstatic.com/s/merriweather/v30/ 39 KB
24 KB 79ms
77ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-c.ttf

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb17354be957eeed5e232d7fb86241ef412a7c13fa987e6617da35e638fa722e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 15:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24667
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 15:49:09 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf
fonts.gstatic.com/s/montserrat/v24/ 31 KB
16 KB 71ms
69ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdedb2cd8beede449479c06fc0a11e5f9c7f43ca5057d0e1b231897708808710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16546
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:47:36 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf_.ttf
fonts.gstatic.com/s/merriweather/v30/ 40 KB
24 KB 51ms
50ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf_.ttf

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d7741f04f6aadf9277c61244f0b8b72fff88b0268441e44b9ac7d0785f8efe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 08:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24690
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 08:36:01 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
62 KB 648ms
647ms Font
font/woff2 2606:4700:e0::ac40:6720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css?ver=6.0.2
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:59 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GEHZTWPP5AQ0TV4C
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63376
x-amz-id-2: Vkk5QEto7bs6UH8y/Ws7EddnVkvQ75hxbTcSQghQbbx9q+RFjjvVu6AiAYNb5STo9PwfPuGs1lZYkyksCqceHg==
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "f319eac1c755f9929fd856720ce1695e"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7Zdus50izz5v%2B72DntR5o5ijCZkoovaNFpnCvipxS11XnmMVPDj1wjgZuaDVge1y8xb9NCz7Wob%2Bkk0dcuzaVwwQL5xRiDGiDdF%2B4yeP5pnYT1SGtKOkd7jzbV7UyAqISFUTC3pnr1EkKBuuCk6rKUp"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 74d32d449dd3bbeb-FRA

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf
fonts.gstatic.com/s/montserrat/v24/ 31 KB
16 KB 62ms
61ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c2646bb8d9ad6aed4cb158476b3c56806fa9cee629aa953b5d69548118cad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16275
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:50:26 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3f1e4144c0fc9a0638f42d5d6c9875ae6768680a7f2ffa5ef449ccdf25fe436

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf_.ttf
fonts.gstatic.com/s/merriweather/v30/ 41 KB
24 KB 38ms
38ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf_.ttf

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4c8270929350d1e844e3df763be1aec16317259ccb46fcf67644f6e6e679932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Origin: https://webtreasurehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 01:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24753
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 01:52:53 GMT

GET
H2 200 web-treasure-hunter-logo.png
webtreasurehunter.com/wp-content/uploads/2019/01/ 9 KB
9 KB 150ms
149ms Image
image/webp 35.208.67.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtreasurehunter.com/wp-content/uploads/2019/01/web-treasure-hunter-logo.png
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.67.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.67.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 754405d25e8ea0c4538937f86e5a6ec5c55670d186a3b0d1df93d35ffabfa139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
last-modified: Wed, 01 Sep 2021 23:21:54 GMT
server: nginx
etag: "61300b12-2380"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 9088
expires: Tue, 19 Sep 2023 14:57:58 GMT

GET
H2 200 woman-tape-measure-waist-2000x1335-1-1920x500.jpg
webtreasurehunter.com/wp-content/uploads/2022/01/ 28 KB
28 KB 160ms
159ms Image
image/webp 35.208.67.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtreasurehunter.com/wp-content/uploads/2022/01/woman-tape-measure-waist-2000x1335-1-1920x500.jpg
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.67.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.67.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b492ea6b8176ad45e6e1f8f103474dd765cc4a47ae7c7767f2a344786ac4a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
last-modified: Wed, 05 Jan 2022 22:40:53 GMT
server: nginx
etag: "61d61e75-6e32"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 28210
expires: Tue, 19 Sep 2023 14:57:58 GMT

GET
H2 200 woman-wiping-sweat-2000x1335-1-400x400.jpg
webtreasurehunter.com/wp-content/uploads/2021/12/ 15 KB
16 KB 170ms
170ms Image
image/webp 35.208.67.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtreasurehunter.com/wp-content/uploads/2021/12/woman-wiping-sweat-2000x1335-1-400x400.jpg
Requested by: Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.67.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.67.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8fff82c42dd640cbf410f6c5cee3182a6e83ee8bb3b778c4da761b0975532815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
last-modified: Fri, 10 Dec 2021 16:03:54 GMT
server: nginx
etag: "61b37a6a-3d4c"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 15692
expires: Tue, 19 Sep 2023 14:57:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 225 B
657 B 130ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=webtreasurehunter.com&callback=_gfp_s_&client=ca-pub-8024859639799489

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8024859639799489&plah=webtreasurehunter.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6ec909a10655b7256933eb29246a91ac8d00e2b555ec3ce17afa56b8e1a0705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 848ms
764ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=webtreasurehunter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 14:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 131ms
46ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=webtreasurehunter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: webtreasurehunter.com
URL: https://webtreasurehunter.com/how-to-lose-weight-on-a-treadmill-in-a-month/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:57:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4023 26 KB
5 KB 298ms
221ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&adk=1812271804&adf=3025194257&lmt=1663599486&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486012&bpp=48&bdt=277&idt=270&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7607244488661&frm=20&pv=2&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=292

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b9ee6cecc170b5e45360d9006b3c454a423737a5113d8171015f398d3b13d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 14:57:58 GMT
expires: Mon, 19 Sep 2022 14:57:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RPHH9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6958
date: Mon, 19 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 15:02:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
73 KB 129ms
53ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QZ67QT3S88&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RPHH9C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22550a28617f29d8a7bfddfc31357dde3d086963a602a6f0e842ae09f0bba86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74977
x-xss-protection: 0
expires: Mon, 19 Sep 2022 14:57:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 120ms
44ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=898501471&t=pageview&_s=1&dl=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&dr=http%3A%2F%2Fevertkok.nl%2F&ul=en-us&de=UTF-8&dt=How%20to%20Lose%20Weight%20on%20a%20Treadmill%20in%20a%20Month&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1759509644&gjid=1230963330&cid=2016064015.1663599486&tid=UA-135956322-1&_gid=1761150686.1663599486&_r=1&gtm=2wg9e05RPHH9C&z=460826868

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://webtreasurehunter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:57:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://webtreasurehunter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 135ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QZ67QT3S88&gtm=2oe9e0&_p=898501471&cid=2016064015.1663599486&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663599486&sct=1&seg=0&dl=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&dr=http%3A%2F%2Fevertkok.nl%2F&dt=How%20to%20Lose%20Weight%20on%20a%20Treadmill%20in%20a%20Month&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZ67QT3S88&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:57:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://webtreasurehunter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B006 97 KB
34 KB 631ms
630ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.161032848~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663599486&rafmt=1&to=qs&pwprc=8091458131&psa=0&format=1200x280&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486641&bpp=3&bdt=906&idt=3&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd6af4dc5541c8f8e-2272658225ce002a%3AT%3D1663599478%3ART%3D1663599478%3AS%3DALNI_MbNKfmGkCMaqPHyMR9CVTWY2JkUHw&prev_fmts=0x0&nras=2&correlator=7607244488661&frm=20&pv=1&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1DdLrTWoFQ&p=https%3A//webtreasurehunter.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff441526cf89562f47020a3a6034328927533ec0a0a160492791f7916a634b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35047
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 14:57:59 GMT
expires: Mon, 19 Sep 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame B006 8 KB
1 KB 129ms
46ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.161032848~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663599486&rafmt=1&to=qs&pwprc=8091458131&psa=0&format=1200x280&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486641&bpp=3&bdt=906&idt=3&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd6af4dc5541c8f8e-2272658225ce002a%3AT%3D1663599478%3ART%3D1663599478%3AS%3DALNI_MbNKfmGkCMaqPHyMR9CVTWY2JkUHw&prev_fmts=0x0&nras=2&correlator=7607244488661&frm=20&pv=1&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1DdLrTWoFQ&p=https%3A//webtreasurehunter.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:10:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 14:57:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 14:57:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B006 2 KB
983 B 144ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 14:49:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B006 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C72Dmd4MoY8S0CtymzLUPzbe2gALzndO5a8n96OXdCrfLor3AARABILjF14cBYJW6iYKYB6AB__2MtgPIAQmpAunKdJ-du7A-qAMByAPLBKoElQJP0NZ-c-PkZkq2HNLjYQSexXUEuKJg0ZUjD000gfDikbbCIEWhRshnUB4odtD6GDumqg6OnX1OSlfvarSdbt_2z_2iQLnCZVMHmwk03C-Jfw7rZcUNPMo46a5BS9EKMph5wfJIiEtzVnfpW1PLA0uRclEXHLDHE0S5jSaAMrwbR67dJl1YZyODCx8qHaAl6XxPNXyYaBnEf2u0mufbgWS1k0P8OXIFPp--Wl0_HeG0q2yAZGYQPWmUXAEn4WubQaVfE6UqeDi9nj56d5Bv2l45oCcOKIYdMNnXSUJYSVlBLgb0MuaB_QrZQwbHLwymsqRHaYAIvpxtA1HkxfB6Qgk8goslyW_7r46FLbkpP_p6V7VYc29mwATn64CxxQKSBQQIBBgBkgUECAUYBKAGLoAH6YHzSagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENj1U9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMLiBQZ0BUBmBYBgBcBshccChoIABIUcHViLTgwMjQ4NTk2Mzk3OTk0ODkYAA&sigh=RUS_x6oK5uc&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.161032848~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663599486&rafmt=1&to=qs&pwprc=8091458131&psa=0&format=1200x280&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486641&bpp=3&bdt=906&idt=3&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd6af4dc5541c8f8e-2272658225ce002a%3AT%3D1663599478%3ART%3D1663599478%3AS%3DALNI_MbNKfmGkCMaqPHyMR9CVTWY2JkUHw&prev_fmts=0x0&nras=2&correlator=7607244488661&frm=20&pv=1&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1DdLrTWoFQ&p=https%3A//webtreasurehunter.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame B006 23 KB
10 KB 125ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 14:50:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B006 3 KB
1 KB 136ms
48ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 14:51:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B006 17 KB
7 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 14:54:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B006 0
0 134ms
47ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsvcn1Jp-OYl14nZZpbXu-Hn5y1YhupomPeH-TsYF7XwcwSuLVEMNcz2QPJ83u2s4lpDEfZQhlkEFT9PyC1fJT2BWqcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.161032848~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663599486&rafmt=1&to=qs&pwprc=8091458131&psa=0&format=1200x280&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486641&bpp=3&bdt=906&idt=3&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd6af4dc5541c8f8e-2272658225ce002a%3AT%3D1663599478%3ART%3D1663599478%3AS%3DALNI_MbNKfmGkCMaqPHyMR9CVTWY2JkUHw&prev_fmts=0x0&nras=2&correlator=7607244488661&frm=20&pv=1&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1DdLrTWoFQ&p=https%3A//webtreasurehunter.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B006 141 KB
44 KB 150ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 14:57:59 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame B006 33 KB
14 KB 123ms
37ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6664599843576451548/ Frame B006 17 KB
17 KB 134ms
49ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6664599843576451548/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc2aba20d70c8630c0669b8ea9b57aba37c6a760df9c4af5420992b4f7f7e7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:45:03 GMT
x-content-type-options: nosniff
age: 72776
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17065
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 14:52:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Sep 2023 18:45:03 GMT

GET
DATA 200
OK truncated
/ Frame B006 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B006 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F94A 1 KB
749 B 38ms
38ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 12:30:45 GMT
etag: 48472445140208031
expires: Tue, 20 Sep 2022 12:30:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B006 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e814f7f9c72385a27c271723a8140ee9988a628bd8a4d12d06bdf63a66b1454b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame F94A 35 B
463 B 159ms
40ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECqCsHw2oma-oPPFh-cM_XM&google_cver=1&google_push=AZmPxg_VhLmSin6BGq1fTuQO9UKFTxt1sh-LMbgXpUMYVmmOOSGEQ8OpXgwIHoyo06g_N1ODs-ibN2xk-IJd5LHL6ky5edQjCASQHPmtc1wWqJwp26hq9VQu422rEMZXGMdFU99Z92FiRIWjJ86bIqkgQj4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:58:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F94A
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEEfdbTQdBu1Y63FuwGBrwQ8&google_cver=1&google_push=AZmPxg8RfHO6-YtoTyL3zDVgQZUhv4i-pfmYRy1QgA3OJMA95EI2RTjgM8jV5i-T5LMrHWCqFJ-DpS5pWPoQViXPySqSk5czU1aXN...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8RfHO6-YtoTyL3zDVgQZUhv4i-pfmYRy1QgA3OJMA95EI2RTjgM8jV5i-T5LMrHWCqFJ-DpS5pWPoQViXPySqSk5czU1aXNhk0FUZ8Sh4mAlSweVb6DMsPXofcOiZ7...

170 B
188 B

113ms
48ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8RfHO6-YtoTyL3zDVgQZUhv4i-pfmYRy1QgA3OJMA95EI2RTjgM8jV5i-T5LMrHWCqFJ-DpS5pWPoQViXPySqSk5czU1aXNhk0FUZ8Sh4mAlSweVb6DMsPXofcOiZ73w0eTFvTbf0Cked0pxYo8HM&google_hm=Q0FFU0VFZmRiVFFkQnUxWTYzRnV3R0Jyd1E4

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 14:58:00 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8RfHO6-YtoTyL3zDVgQZUhv4i-pfmYRy1QgA3OJMA95EI2RTjgM8jV5i-T5LMrHWCqFJ-DpS5pWPoQViXPySqSk5czU1aXNhk0FUZ8Sh4mAlSweVb6DMsPXofcOiZ73w0eTFvTbf0Cked0pxYo8HM&google_hm=Q0FFU0VFZmRiVFFkQnUxWTYzRnV3R0Jyd1E4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame F94A 0
98 B 166ms
46ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9bHokA7KqlBvk7zmqx5hUjax9UQaAnzT51bOWXTTFZEloPUcw2Dhxa5a8mKjsUcbuNI_VscoTjIfUxlfbbZEmC0Y2nDwTzBQjvJwqwVcdNzBW0MsWyJSpC52e-qUU4nlTwedg1nrm0r3-VPFsEgw&google_gid=CAESENzN8cVB42VGrHqc3iRJoS4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.161032848~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663599486&rafmt=1&to=qs&pwprc=8091458131&psa=0&format=1200x280&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486641&bpp=3&bdt=906&idt=3&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd6af4dc5541c8f8e-2272658225ce002a%3AT%3D1663599478%3ART%3D1663599478%3AS%3DALNI_MbNKfmGkCMaqPHyMR9CVTWY2JkUHw&prev_fmts=0x0&nras=2&correlator=7607244488661&frm=20&pv=1&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1DdLrTWoFQ&p=https%3A//webtreasurehunter.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:58:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame F94A 43 B
351 B 168ms
47ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHJxL3CJyiv9Q-rsz8NC5zE&google_cver=1&google_push=AZmPxg9CzFgKaWIv_Y7w1b73qklsrQjRoV7n-PG1RkCEtW0zROLhORJ_9AxAudS_GlX0lE-ItsKejgGOvJfWJih9C9a97B-LMo1naPnZ2mu7yRORJoHp7vsCLIzQSmDEUyGuaqn_2AsxxHeFlpRDzMD43so
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.161032848~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663599486&rafmt=1&to=qs&pwprc=8091458131&psa=0&format=1200x280&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486641&bpp=3&bdt=906&idt=3&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd6af4dc5541c8f8e-2272658225ce002a%3AT%3D1663599478%3ART%3D1663599478%3AS%3DALNI_MbNKfmGkCMaqPHyMR9CVTWY2JkUHw&prev_fmts=0x0&nras=2&correlator=7607244488661&frm=20&pv=1&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1DdLrTWoFQ&p=https%3A//webtreasurehunter.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:57:59 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: t8v92fi0bq50mvt9lr81eoukkavjfupp

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F94A 0
166 B 182ms
45ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL_CEbH17FK0t8UBxZBUcXM&google_cver=1&google_push=AZmPxg9vLt2TxYaxbgBPmYb5lq7Yn6wPg91XIP_F9ckWv4yzFHNkDHRhI23zteWGNT1IeQuGkKeTtVmBcflRl7aP23fCKt80O4jbtc28HDvRkyq-Za8G7X465YKbtnbZcemW0-VZewLnsuWGF4pgLWmeVCU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8024859639799489&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.161032848~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663599486&rafmt=1&to=qs&pwprc=8091458131&psa=0&format=1200x280&url=https%3A%2F%2Fwebtreasurehunter.com%2Fhow-to-lose-weight-on-a-treadmill-in-a-month%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663599486641&bpp=3&bdt=906&idt=3&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd6af4dc5541c8f8e-2272658225ce002a%3AT%3D1663599478%3ART%3D1663599478%3AS%3DALNI_MbNKfmGkCMaqPHyMR9CVTWY2JkUHw&prev_fmts=0x0&nras=2&correlator=7607244488661&frm=20&pv=1&ga_vid=2016064015.1663599486&ga_sid=1663599486&ga_hid=898501471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760912&oid=2&pvsid=280329590622837&tmod=1056889605&uas=0&nvt=1&ref=http%3A%2F%2Fevertkok.nl%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1DdLrTWoFQ&p=https%3A//webtreasurehunter.com&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:57:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F94A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFqk1X8FiAwMLOyF_cjPhYI&google_cver=1&google_push=AZmPxg-RCwlpDaNMeSSzLY3h__A8xSSsqdNBRbZ5yNAEqlWQy4lZE6SsHfaJo0kno6A4P85xDE6...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg4VzZFNTctRi01QU5T&google_push=AZmPxg-RCwlpDaNMeSSzLY3h__A8xSSsqdNBRbZ5yNAEqlWQy4lZE6SsHfaJo0kno6A4P85xDE6Umt4bKZ2ogcVuirj3hC46sN8NkLFTy...

170 B
188 B

125ms
50ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg4VzZFNTctRi01QU5T&google_push=AZmPxg-RCwlpDaNMeSSzLY3h__A8xSSsqdNBRbZ5yNAEqlWQy4lZE6SsHfaJo0kno6A4P85xDE6Umt4bKZ2ogcVuirj3hC46sN8NkLFTyIT3-GEXNKPmkRfqE54rRkuP9BI5TJAtdJ_hU7JLBclLgiEPLMk

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg4VzZFNTctRi01QU5T&google_push=AZmPxg-RCwlpDaNMeSSzLY3h__A8xSSsqdNBRbZ5yNAEqlWQy4lZE6SsHfaJo0kno6A4P85xDE6Umt4bKZ2ogcVuirj3hC46sN8NkLFTyIT3-GEXNKPmkRfqE54rRkuP9BI5TJAtdJ_hU7JLBclLgiEPLMk
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F94A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED3uNAZfakPzWrm8Co9fClA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED3uNAZfakPzWrm8Co9fClA&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED3uNAZfakPzWrm8Co9fClA&google_hm=YyiDeO75yC5LFZcWYvahRgAABIsAAAAB&google_nid=index&google_push=AZmPxg83r4RXAOLHJMinGXsWtgwR0lfWggqmC...

170 B
188 B

48ms
48ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED3uNAZfakPzWrm8Co9fClA&google_hm=YyiDeO75yC5LFZcWYvahRgAABIsAAAAB&google_nid=index&google_push=AZmPxg83r4RXAOLHJMinGXsWtgwR0lfWggqmC0eDQHp-7Sl65EW_onGkk6EYgnYWkVsAOsFIQOj6oc6KU0gOHjTE-MT2NiiqDQ0KuwgsddSdHWdiub9O-nuqy3V8ykkNhydB0s4rCW-VKREr3XS7GL5BcCs

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 14:58:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi4aamPRvrQ%2BpMWcNBNDEDyeDJsZ%2Ba7ckxj12%2BXDagBTv%2Fb0hvECyLVls7hjK9Rbca9l6T1xktV7%2Bc9%2Fonk2kC1wCZLelexJL%2BWdEc80L1DwaYeH3W7M48FCxG%2Fv7nHMlf4KwPCsHkKzVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED3uNAZfakPzWrm8Co9fClA&google_hm=YyiDeO75yC5LFZcWYvahRgAABIsAAAAB&google_nid=index&google_push=AZmPxg83r4RXAOLHJMinGXsWtgwR0lfWggqmC0eDQHp-7Sl65EW_onGkk6EYgnYWkVsAOsFIQOj6oc6KU0gOHjTE-MT2NiiqDQ0KuwgsddSdHWdiub9O-nuqy3V8ykkNhydB0s4rCW-VKREr3XS7GL5BcCs
cache-control: no-cache
cf-ray: 74d32d4f2aac6927-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F94A 0
232 B 161ms
44ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IsZxawzqWx5m06uValbp1ez1u_8ENB5I-xbt1Irl56zD7GlcjMCGj1iGMbLasnlRIzm4T-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:58:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B006 28 KB
28 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 454396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:44:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 168ms
85ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

361a2ef639e111759c7ed450dbbe31881862eb3c741463bef06c949be11a95a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 14:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11242
x-xss-protection: 0

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 308F 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 12:44:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 138ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 14:58:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 553C 13 KB
5 KB 39ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webtreasurehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 13:48:18 GMT
expires: Tue, 19 Sep 2023 13:48:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D6B9 783 B
536 B 126ms
48ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4a6cc09600bb658a3873007d6d2f1a9263ef0b01edc5c091abbcbc71188318c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xgNj0DpAjEGLqz7Rl7Au1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://webtreasurehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-xgNj0DpAjEGLqz7Rl7Au1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 14:58:00 GMT
expires: Mon, 19 Sep 2022 14:58:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 553C 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 12:44:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D6B9 0
0 71ms
71ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=280329590622837&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 553C 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rX3Niw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:58:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=280329590622837&bg=!FhWlFVHNAAZqQh0mSkI7ACkAdvg8WpASNGTwMSjb-GTpzPhy9EQGn-vK3FaduGy5G5dXBdGGoLetpQIAAAFRUgAAAAJoAQcKABv31qyVpOZnkp5VaK4SaBS4sE6uQca9Ziw9zkuZAq8CD5UlRmw65gy9tlo9IHrerLQ_w-IV1hqpxfrHhOxlFxkUmq0bpTpQ-jI707aQ32rtGOKdKuxJDpHH8mki3ek9OnIUe_i3EIkDzpyBDjYLO5O4cOM8bvMz64t4aVfwW2Nvokscc-D3mxwRx1SV6K_3JDQGkJHWxVC8eOcsAEqruBRoNow1oWgLlphtGjfL4PWNKWjc7UiUrKZ5vZypPCiZRDobjDQizpXUxpvwZ8-jhpzfkHuUdNTUQ9T6uY7Tgpe3EIcM0fG6Tb5w2zg-UPpitdrEirQNIQrZO7rjjQzYhuSR71McemlXbv6CaQFHLP1SinC5ij8XIr9TbFO4TqoA7baKiMZmGip9jY4MFGWqtPr9Bh8KShQGW8ww4gHKErKMjIc91wA2uY9NXowJM05jIeU8KiuiA7OqJAh6NCZm4v1NWUK7h9h7q0dRGIra4sCl-JvkW4lUDVrBZZd6XAD7msk5fs1uZ0_aRUvA6DtqR-7dGeJ8Tobsdh9787TxuX099Qxf6K9IB66mrJwMCNE_VQ9V6XwYJ9UmuLtXnbhZwHBHlJiAMyg2yIk9K7sFDvCD4N_z4aR_FLQMH6MoHbFGBLaGUiL_vtSRQUvUoNyV9ckD0er1MZ_hfG5kslAvEGVQAZDO2-38laE70ztLvdQ-TMz1eWFQqEfhJv_R4r48x585nj58xnFREOOBMlL_LYcE1FwDW8y8ponA3v8y7EH3JnHlywG71wYt5_vYsNowLR7lWXER4TXTViQEFxsjSoR_j-E1emmDSl3bAgY5NaD9IUUYaFnIhx3Tu2NE17QciBBkwXZuApcUVG21opGPyXrRTvzvbaiM0KW9AlGdyaOpO5nNXhwtFlVRuDdHDWDF2WgYHT01e6pLvxnUABy5EMDdEzSCGHwqKF-1xoGDXMk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtreasurehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
webtreasurehunter.com/	1970-01-20 14:52:15	Name: cookielawinfo-checkbox-necessary Value: yes
webtreasurehunter.com/	1970-01-20 14:52:15	Name: cookielawinfo-checkbox-non-necessary Value: yes
.webtreasurehunter.com/	1970-01-20 15:28:15	Name: __gads Value: ID=d6af4dc5541c8f8e-2272658225ce002a:T=1663599478:RT=1663599478:S=ALNI_MbNKfmGkCMaqPHyMR9CVTWY2JkUHw
.webtreasurehunter.com/	1970-01-20 06:08:05	Name: _gid Value: GA1.2.1761150686.1663599486
.webtreasurehunter.com/	1970-01-20 06:06:39	Name: _gat_UA-135956322-1 Value: 1
.webtreasurehunter.com/	1970-01-20 15:42:39	Name: _ga_QZ67QT3S88 Value: GS1.1.1663599486.1.0.1663599486.0.0.0
.webtreasurehunter.com/	1970-01-20 15:42:39	Name: _ga Value: GA1.1.2016064015.1663599486
.doubleclick.net/	1970-01-20 15:28:15	Name: IDE Value: AHWqTUmL_JbrwvIPtv8HR7rcgcQv6I0tTUj_fBSVOo5EoOCaUmos_8iQimE7DrbdhiQ
.quantserve.com/	1970-01-20 08:16:15	Name: d Value: EC4BCQGRJ4EA
.quantserve.com/	1970-01-20 15:36:53	Name: mc Value: 63288378-0e9d1-947bb-64ea6
.casalemedia.com/	1970-01-20 14:52:15	Name: CMID Value: YyiDeO75yC5LFZcWYvahRgAA
.casalemedia.com/	1970-01-20 08:16:15	Name: CMPS Value: 1163
.casalemedia.com/	1970-01-20 08:16:15	Name: CMPRO Value: 1163
.agkn.com/	1970-01-20 14:52:15	Name: ab Value: 0001%3AbXtYXxFqK1yW4PME9Mxyqf3OyBQ2sHZO
.agkn.com/	1970-01-20 14:52:15	Name: u Value: C\|0CEAquz_4Krs_-AAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 08:16:15	Name: CMTS Value: 5149

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9bHokA7KqlBvk7zmqx5hUjax9UQaAnzT51bOWXTTFZEloPUcw2Dhxa5a8mKjsUcbuNI_VscoTjIfUxlfbbZEmC0Y2nDwTzBQjvJwqwVcdNzBW0MsWyJSpC52e-qUU4nlTwedg1nrm0r3-VPFsEgw&google_gid=CAESENzN8cVB42VGrHqc3iRJoS4&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
evertkok.nl
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
ur.wetnhorny.com
use.fontawesome.com
webtreasurehunter.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.19.126
142.250.181.226
185.64.190.78
2001:4860:4802:32::36
2606:4700:e0::ac40:6720
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2004
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a01:4f8:d0a:281b::2
3.123.239.111
35.186.253.211
35.208.67.40
35.244.174.68
69.173.144.138
84.80.32.175
09ad5608bc9cac00f0e3ab4d3a890315bfffbfb4a6e9186dd3ea8eadd14a1985
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1b225aad13de22050b2faef4623b904dde1a961803bf662b2f9b6f03135b7041
22550a28617f29d8a7bfddfc31357dde3d086963a602a6f0e842ae09f0bba86d
281905b270a376d79a0f1e85e153e021058f24a49803f57ec3fc5017bddbcb82
2e4b6f7a3962283520390560afbfc2e1c19875a12d3ec559b9cfc69bf65d844e
30a939a2ce3367797eabc0b360139c5a3f3a2fd0787768370e25f6fc457820b6
361a2ef639e111759c7ed450dbbe31881862eb3c741463bef06c949be11a95a2
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
430f110b314a582b55dd6853c36759df601baa2c608a029fcb3f427c4719f73b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a6cc09600bb658a3873007d6d2f1a9263ef0b01edc5c091abbcbc71188318c8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b492ea6b8176ad45e6e1f8f103474dd765cc4a47ae7c7767f2a344786ac4a18
4b673e0b8b64b0ef91da50c8f60447bcee3e2fe93e39092261cb6f9e20c7147a
4b9ee6cecc170b5e45360d9006b3c454a423737a5113d8171015f398d3b13d80
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f59336c070680ef838810aa8f84b4fab27054ef3e73c6f0d80a8481b1bb90ac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c2646bb8d9ad6aed4cb158476b3c56806fa9cee629aa953b5d69548118cad5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
754405d25e8ea0c4538937f86e5a6ec5c55670d186a3b0d1df93d35ffabfa139
7d7741f04f6aadf9277c61244f0b8b72fff88b0268441e44b9ac7d0785f8efe9
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e6025381e4f3c011378c6a2a31b0e4bdb2d32c105699de148d1957d2ea2c218
8fff82c42dd640cbf410f6c5cee3182a6e83ee8bb3b778c4da761b0975532815
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98dde6abbca06484dee00e454a91ac43a57ca8bf15744afdff8c0a9e47678c72
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
aeeb99313bb36bf11369ffc51413bee5be02cd16e56436aa833b8b1beb423d85
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b4c8270929350d1e844e3df763be1aec16317259ccb46fcf67644f6e6e679932
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bb17354be957eeed5e232d7fb86241ef412a7c13fa987e6617da35e638fa722e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdedb2cd8beede449479c06fc0a11e5f9c7f43ca5057d0e1b231897708808710
c3f1e4144c0fc9a0638f42d5d6c9875ae6768680a7f2ffa5ef449ccdf25fe436
cc2aba20d70c8630c0669b8ea9b57aba37c6a760df9c4af5420992b4f7f7e7b2
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d6ec909a10655b7256933eb29246a91ac8d00e2b555ec3ce17afa56b8e1a0705
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dec1097fab20801430f93e77b1559e7258041ee57150faf8a827c6df3358c918
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e814f7f9c72385a27c271723a8140ee9988a628bd8a4d12d06bdf63a66b1454b
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
ff441526cf89562f47020a3a6034328927533ec0a0a160492791f7916a634b5f

webtreasurehunter.com Open in urlscan Pro 35.208.67.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

91 %HTTPS

64 %IPv6

21 Domains

26 Subdomains

23 IPs

5 Countries

1156 kBTransfer

2644 kBSize

16 Cookies

2 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

webtreasurehunter.com Open in urlscan Pro
35.208.67.40 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

91 %
HTTPS

64 %
IPv6

21
Domains

26
Subdomains

23
IPs

5
Countries

1156 kB
Transfer

2644 kB
Size

16
Cookies

70 HTTP transactions
5 data transactions