de.camterest.com Open in urlscan Pro
45.131.145.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://appurl.io/fG4_eGdA89
Effective URL:
https://de.camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnadov9b3d4ahfsh1wxbz7x6i...
Submission: On September 05 via manual (September 5th 2023, 7:32:51 pm UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 18 domains to perform 39 HTTP transactions. The main IP is 45.131.145.131, located in Bucharest, Romania and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is de.camterest.com.
TLS certificate: Issued by R3 on August 28th 2023. Valid for: 3 months.

This is the only time de.camterest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:20:... 2606:4700:20::ac43:4856	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:10:... 2606:4700:10::ac43:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	173.233.137.52 173.233.137.52	7979 (SERVERS-COM) (SERVERS-COM)
1 2	173.233.137.60 173.233.137.60	7979 (SERVERS-COM) (SERVERS-COM)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 3	45.131.145.131 45.131.145.131	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	45.131.145.132 45.131.145.132	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
39	16

7 2606:4700:20::ac43:4856 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

appurl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:8ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.52 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

www.highcpmrevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.233.137.60 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

exemptrequest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.131.145.131 (Bucharest, Romania) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

go.camterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.camterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.131.145.132 (Bucharest, Romania) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

camterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	253 KB
7	appurl.io 1 redirects appurl.io	38 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	77 KB
4	camterest.com 3 redirects go.camterest.com — Cisco Umbrella Rank: 243274 camterest.com — Cisco Umbrella Rank: 228689 de.camterest.com	1 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	58 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2547	21 KB
2	exemptrequest.com 1 redirects exemptrequest.com	4 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1033	26 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	256 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	57 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	2 KB
1	highcpmrevenuegate.com 1 redirects www.highcpmrevenuegate.com — Cisco Umbrella Rank: 237708	800 B
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 78688	445 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1104	602 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	82 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 733	23 KB
0	strpst.com Failed assets.strpst.com Failed
0	professionalswebcheck.com Failed professionalswebcheck.com Failed
39	18

	Domain	Requested by
7	appurl.io	1 redirects appurl.io
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	tpc.googlesyndication.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	pagead2.googlesyndication.com	appurl.io pagead2.googlesyndication.com www.googletagservices.com
2	go.camterest.com	2 redirects
2	exemptrequest.com	1 redirects appurl.io
2	www.google-analytics.com	appurl.io www.google-analytics.com
2	maxcdn.bootstrapcdn.com	appurl.io
1	de.camterest.com
1	camterest.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	www.highcpmrevenuegate.com	1 redirects
1	cutt.ly	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	code.jquery.com	appurl.io
0	assets.strpst.com Failed	de.camterest.com
0	professionalswebcheck.com Failed	exemptrequest.com
39	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-24` - `2024-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
exemptrequest.com R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
de.camterest.com R3	`2023-08-28` - `2023-11-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://de.camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnadov9b3d4ahfsh1wxbz7x6i1s9w7gagmx8q7pxzv1&campaignId=5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8&p1=ctp&realDomain=go.camterest.com&referrer=https%3A%2F%2Fexemptrequest.com%2F&stripbotVariation=NullWidget&userId=b29d5de8081854ddfa64062b762e5cdd52ba5a9ca8232adaa0bb5b33afa805c0
Frame ID: 706CFDBA5A15ED9EC615CF6BF11B8D99
Requests: 19 HTTP requests in this frame

Frame: https://appurl.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Frame ID: BBA7753E79D73117F79B5C81B4FE6E4C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230831/r20190131/zrt_lookup.html
Frame ID: E019967114AD6CB1F53E12C5D1B6221E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1693732547&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2FfG4_eGdA89&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693942366747&bpp=3&bdt=407&idt=235&shv=r20230831&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&correlator=659771562749&frm=20&pv=2&ga_vid=153740058.1693942367&ga_sid=1693942367&ga_hid=2053051544&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077327%2C31077560&oid=2&pvsid=2229122365326580&tmod=1211324368&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ml7gTmKde3&p=https%3A//appurl.io&dtd=248
Frame ID: 609523295B59AC931187EDC62EA2ACD6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1693732547&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fappurl.io%2FfG4_eGdA89&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693942366762&bpp=2&bdt=422&idt=237&shv=r20230831&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=659771562749&frm=20&pv=1&ga_vid=153740058.1693942367&ga_sid=1693942367&ga_hid=2053051544&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077327%2C31077560&oid=2&pvsid=2229122365326580&tmod=1211324368&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=245
Frame ID: 4AA3663227C31B6D03A54DC80AE7B832
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 63EF18AC1ADD64395B9BF062D9F4866E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230831/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5780F1BA15506E28799DC4CA4BDEFA7E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://appurl.io/fG4_eGdA89 Page URL
https://cutt.ly/qwlynUSR HTTP 301
https://www.highcpmrevenuegate.com/gfdd8gsdz?key=05d179513af5f2b642c3680603f7b3ad HTTP 307
https://exemptrequest.com/t9hfrpjhb?key=4bf5fd9e37e7715f00ff7359b1c6816a Page URL
https://exemptrequest.com/api/users?token=L3Q5aGZycGpoYj9rZXk9NGJmNWZkOWUzN2U3NzE1ZjAwZmY3MzU5YjFjNjgx... HTTP 302
https://go.camterest.com/smartpop/5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8?us... HTTP 302
https://go.camterest.com/api/goToTheTag?action=sbSignupWithModel&campaignId=5cad3c1caba869d88fad5ee07... HTTP 302
https://camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnado... HTTP 302
https://de.camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnado... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

87 %
HTTPS

79 %
IPv6

18
Domains

23
Subdomains

16
IPs

4
Countries

641 kB
Transfer

1840 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://appurl.io/fG4_eGdA89 Page URL
https://cutt.ly/qwlynUSR HTTP 301
https://www.highcpmrevenuegate.com/gfdd8gsdz?key=05d179513af5f2b642c3680603f7b3ad HTTP 307
https://exemptrequest.com/t9hfrpjhb?key=4bf5fd9e37e7715f00ff7359b1c6816a Page URL
https://exemptrequest.com/api/users?token=L3Q5aGZycGpoYj9rZXk9NGJmNWZkOWUzN2U3NzE1ZjAwZmY3MzU5YjFjNjgxNmEmcHN0PTE2OTM5NDI0Mjgmcm10Yz10JnNodT0zMDFkNGYxZGQwNzBiYzdlODQwZWRmM2YxNTMwZTA1ZWIzMDM0NDAyZGY5ODE2ODMwNDdhOWYxZWUxNWI2ODg2NDVkODg5Y2MyYjU0NTEwZjE4NWU0Mjg0NTNlNjU5MDFiNDEwNWQ3NWZjOGUwNDM0ZWNmZTI0YTQ1ODgxZTgwZjJjNWQ4NjA0MDQ1MTI3YWVjNzVkOTBjYWVkYTZhNWUzZjE5YWI5ZWE5NzgwODNmNzc5N2Y0YWQ4NzI3OGY5NjM2MA%3D%3D&uuid=&pii=&in=false HTTP 302
https://go.camterest.com/smartpop/5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8?userId=b29d5de8081854ddfa64062b762e5cdd52ba5a9ca8232adaa0bb5b33afa805c0&memberId=2a7ac697a796413b04582ea721894997&p1=ctp HTTP 302
https://go.camterest.com/api/goToTheTag?action=sbSignupWithModel&campaignId=5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8&campaignType=smartpop&creativeId=679e84a8d864af9857dae07e93caa500b39387b0cb91ac101b57b560c5cce4eb&domain=stripchat&iterationId=723102&masterSmartpopId=1603&memberId=2a7ac697a796413b04582ea721894997&p1=ctp&ruleId=1&smartpopId=10251&userId=b29d5de8081854ddfa64062b762e5cdd52ba5a9ca8232adaa0bb5b33afa805c0&variationId=31780 HTTP 302
https://camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnadov9b3d4ahfsh1wxbz7x6i1s9w7gagmx8q7pxzv1&campaignId=5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8&p1=ctp&realDomain=go.camterest.com&referrer=https%3A%2F%2Fexemptrequest.com%2F&stripbotVariation=NullWidget&userId=b29d5de8081854ddfa64062b762e5cdd52ba5a9ca8232adaa0bb5b33afa805c0 HTTP 302
https://de.camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnadov9b3d4ahfsh1wxbz7x6i1s9w7gagmx8q7pxzv1&campaignId=5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8&p1=ctp&realDomain=go.camterest.com&referrer=https%3A%2F%2Fexemptrequest.com%2F&stripbotVariation=NullWidget&userId=b29d5de8081854ddfa64062b762e5cdd52ba5a9ca8232adaa0bb5b33afa805c0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://appurl.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js

Request Chain 19

https://cutt.ly/qwlynUSR HTTP 301
https://www.highcpmrevenuegate.com/gfdd8gsdz?key=05d179513af5f2b642c3680603f7b3ad HTTP 307
https://exemptrequest.com/t9hfrpjhb?key=4bf5fd9e37e7715f00ff7359b1c6816a

Request Chain 31

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 fG4_eGdA89 Show response
appurl.io/ 6 KB
3 KB 468ms
276ms Document
text/html 2606:4700:20::ac43:4856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/fG4_eGdA89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b90fe8ca17354fcf561124cace86047f91d88f5445561ae0bbd302e585322a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 8020e66bfd9a92b4-FRA
content-encoding: br
content-type: text/html
date: Tue, 05 Sep 2023 19:32:46 GMT
last-modified: Sun, 03 Sep 2023 11:15:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQbV6s%2BrlYbIkN%2BIuukbGjYmNHh66HGQSwhdfCcBLN7RGSK32XaGt%2F0l1DuJ0WeuHfMJT0r5oeNddfQt4tmJZ%2BZLe98yX5jFY53z6lDn1fMc%2BUOucg3BX4QyDf3QVkPumwLLBipa5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 10ddc9a187df686a95382358dc4e78d4.cloudfront.net (CloudFront)
x-amz-cf-id: MPerrAhnTC4LK1cqCGdbiZ8UTLZp9eVBnDjgZXFFdJJwH-NL4bt4rw==
x-amz-cf-pop: MXP63-P4
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: sZKXyO1EqHIPEicRWMLbRwTdcLR0zwFz
x-cache: RefreshHit from cloudfront

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 86ms
38ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: appurl.io
URL: https://appurl.io/fG4_eGdA89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617, 617
age: 19309061
cdn-cachedat: 2021-06-08 14:35:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a25b3b26237dd55b5f417f26a9965dbb
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 8020e66e0aeb9ba1-FRA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 82ms
33ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: appurl.io
URL: https://appurl.io/fG4_eGdA89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632
age: 15267851
cdn-cachedat: 12/13/2021 21:25:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8020e66e0aed9ba1-FRA
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 159ms
107ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: appurl.io
URL: https://appurl.io/fG4_eGdA89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80bc44f020c8b658e0f835ac3c7cec784eac1595e9318f133fa3b73eed2be3b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51292
x-xss-protection: 0
server: cafe
etag: 15911887183312502370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:32:46 GMT

GET
H2 200 appurl-logo.png
appurl.io/images/ 23 KB
24 KB 41ms
39ms Image
image/webp 2606:4700:20::ac43:4856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://appurl.io/images/appurl-logo.png
Requested by: Host: appurl.io
URL: https://appurl.io/fG4_eGdA89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0cca353da10587986b5da53a4ed0391880809af5c1101f3047b5fc5e3383742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/fG4_eGdA89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
via: 1.1 8b15d366b8a05fea04eb2afabb997d46.cloudfront.net (CloudFront)
x-amz-version-id: 7yXkJHZznTRQiEpUtdjqKx4EVy7qQMwS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6968
x-amz-cf-pop: MXP63-P4
cf-polished: origFmt=png, origSize=25721
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="appurl-logo.webp"
content-length: 23746
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Dec 2021 22:04:29 GMT
server: cloudflare
etag: "85b2e8868db81fa9a39b35a70edc31e0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q%2FcScMlS7HNJJJKppUVpYx8OceBbUK5wANLCilGngnQMEoM508Oe2e403c2d3Y%2FJ8TM%2FuxjoltPwdZyxq%2FE4KPMUcL4r3QwX%2BMU%2FZeFEO7rKFurU0%2BXe7FxvmD7KTNxA%2FJpr%2BmnFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8020e66e69b692b4-FRA
x-amz-cf-id: tnniF577M5QDe2a16aKolsHmdGJpi0-Ik3EFLy0JkF8GMEP7mjsTkA==

GET
H2 200 jquery-3.1.1.slim.min.js Show response
code.jquery.com/ 68 KB
23 KB 71ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.slim.min.js
Requested by: Host: appurl.io
URL: https://appurl.io/fG4_eGdA89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217

Request headers

Referer: https://appurl.io/
Origin: https://appurl.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-10ebd"
vary: Accept-Encoding
x-hw: 1693942366.dop254.fr8.t,1693942366.cds228.fr8.hn,1693942366.cds201.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23709

GET
H2 200 ua-parser-min.js Show response
appurl.io/javascripts/vendor/min/ 10 KB
5 KB 35ms
35ms Script
text/javascript 2606:4700:20::ac43:4856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/javascripts/vendor/min/ua-parser-min.js
Requested by: Host: appurl.io
URL: https://appurl.io/fG4_eGdA89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/fG4_eGdA89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
x-amz-version-id: null
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
age: 4252
content-encoding: br
x-cache: Hit from cloudfront
last-modified: Mon, 07 Nov 2016 12:40:40 GMT
server: cloudflare
etag: W/"bb04355ce387383532230a11c09091aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGg8m0Vx9jYj6UUUZA4jN3VP%2Bj9x3cKSTsTeFFM1vUtCB7CPIBVNQz4msFiRyho6kIVixonEvp1BGuv66%2F0aysoa6KhW8TOoa6X7pzecTkw7gbhUCQMmjNxfs3RCI0pGX70TcathBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8020e66e396b92b4-FRA
x-amz-cf-id: Wfu40wJv-fSxU-zyjB3aWFdGvLOupF2YUfOruUOCjLLqImnOBSDo0g==

GET
H2 200 redirect-min.js Show response
appurl.io/javascripts/min/ 3 KB
2 KB 69ms
67ms Script
application/javascript 2606:4700:20::ac43:4856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1693739746747
Requested by: Host: appurl.io
URL: https://appurl.io/fG4_eGdA89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e41a7428c89d172ea125c6b0bd7a3e04250d8a949f82a4dd7d8f84586192aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/fG4_eGdA89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
x-amz-version-id: 9M7B3iVhOibLRAgQIfsmO4Iy653N6J.p
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 01 Feb 2021 01:26:50 GMT
server: cloudflare
etag: W/"10bb0164a9f84b027874e3f0efbe4b45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPOnT7cdexKY79RlPRohQ%2BlLVUDVZO6qoYOZMXWjsuxJULhbn7YRTh10ddbbX70DINEJcTRPMTFZ9JHPWXCc%2BrZLGT0pv7Haxx1vnGkddyQiOBjmfrnCcIKMNBJfORM7GZWHmd7yaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8020e66e69b292b4-FRA
x-amz-cf-id: DvoFgb7mTKXs24FAYG65MBDDPZEyGYt4bcR-TPpbJW7Ww7pmN_tPAA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: appurl.io
URL: https://appurl.io/fG4_eGdA89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 17:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6183
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Sep 2023 19:49:43 GMT

GET
H2

200

main.js Show response
appurl.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/ Frame BBA7
Redirect Chain

https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://appurl.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js

7 KB
4 KB

33ms
33ms

Script
application/javascript

2606:4700:20::ac43:4856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://appurl.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js

Requested by

Host: appurl.io
URL: https://appurl.io/fG4_eGdA89

Protocol

Server

2606:4700:20::ac43:4856 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba6138eaa3b449074e3929b5d5e31622ba0f78e88b183ebcb8309337ecee15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0diHdA4%2Bz4DmpTJkjrED10cznka7ltV3BzbyIsnWUeQbkFwNkWA68qITg1ykjyIwGmp8SO3ckJIoiA8BZOXw340qvD8oztydDVo%2FznUG0V1O2jz2CkkOOmeDcQxJ8RatKSw%2FbriinQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8020e66f2b1492b4-FRA

Redirect headers

date: Tue, 05 Sep 2023 19:32:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaK8sZSKoQMmrZiZuFac3%2B60kKhfzyCQiv2PC2E12ZaT4e65c94j4Q3m%2Fjv5dtHxDR501sFdnVMc6vM8r7pc%2BCwrrlpiS9MCpnHqPS%2BD6GbxXItPqHSfR3WNO7KejJFnZpASen9JAg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
cache-control: max-age=300, public
cf-ray: 8020e66efad292b4-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
217 B 27ms
27ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2053051544&t=pageview&_s=1&dl=https%3A%2F%2Fappurl.io%2FfG4_eGdA89&ul=en-us&de=UTF-8&dt=Movie%2FTitle%20(IMDb)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1660682075&gjid=2085265609&cid=153740058.1693942367&tid=UA-1416913-22&_gid=1073537867.1693942367&_r=1&_slc=1&z=1140864877

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f8e703adf731c76be52f8ed94756940446a493cfb92f14a5432c33db5b2a7a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appurl.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:32:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://appurl.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 89ms
37ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L4PYPET04L&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a5f47a2936bd98791ef75f9caefa41cb73b06e1bc120bace4fd22f2bdb81c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 19:32:46 GMT

POST
H2 200 8020e66bfd9a92b4 Show response
appurl.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame BBA7 0
451 B 68ms
68ms XHR
text/plain 2606:4700:20::ac43:4856
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appurl.io/cdn-cgi/challenge-platform/h/g/jsd/r/8020e66bfd9a92b4
Requested by: Host: appurl.io
URL: https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8020e6701cb692b4-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KbBl5gmGyxSV58PD%2F6tUfa837QQGdazVJQVZ6AbHzFbmVN3CPmzDqD6LNCvBUjITFAQs2SA8tOliQnsSxrH1KoFTinz18%2FCJfptb46pZVXUjNojlVImIBAv62vhx0bd%2BpmKPqS2mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ 384 KB
130 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503947100737582&plah=appurl.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4720b14dd1b341e84412f3485466803f2a6afcc736b7ce65dc45230febcacb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133328
x-xss-protection: 0
server: cafe
etag: 7698404052273756838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:32:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230831/r20190131/ Frame E019 10 KB
5 KB 76ms
22ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 01:25:15 GMT
etag: 9878862242593084568
expires: Tue, 19 Sep 2023 01:25:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
241 B 84ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L4PYPET04L&gtm=45je38u0&_p=2053051544&ul=en-us&sr=1600x1200&cid=153740058.1693942367&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fappurl.io%2FfG4_eGdA89&dt=Movie%2FTitle%20(IMDb)&sid=1693942366&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L4PYPET04L&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 19:32:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://appurl.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js
partner.googleadservices.com/gampad/ 385 B
602 B 188ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=appurl.io&callback=_gfp_s_&client=ca-pub-6503947100737582

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503947100737582&plah=appurl.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6095 111 KB
39 KB 854ms
850ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1693732547&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2FfG4_eGdA89&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693942366747&bpp=3&bdt=407&idt=235&shv=r20230831&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&correlator=659771562749&frm=20&pv=2&ga_vid=153740058.1693942367&ga_sid=1693942367&ga_hid=2053051544&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077327%2C31077560&oid=2&pvsid=2229122365326580&tmod=1211324368&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ml7gTmKde3&p=https%3A//appurl.io&dtd=248

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39396
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:32:47 GMT
expires: Tue, 05 Sep 2023 19:32:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4AA3 136 KB
34 KB 1003ms
1000ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1693732547&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fappurl.io%2FfG4_eGdA89&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693942366762&bpp=2&bdt=422&idt=237&shv=r20230831&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=659771562749&frm=20&pv=1&ga_vid=153740058.1693942367&ga_sid=1693942367&ga_hid=2053051544&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077327%2C31077560&oid=2&pvsid=2229122365326580&tmod=1211324368&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=245

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:32:48 GMT
expires: Tue, 05 Sep 2023 19:32:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

t9hfrpjhb Show response
exemptrequest.com/
Redirect Chain

https://cutt.ly/qwlynUSR
https://www.highcpmrevenuegate.com/gfdd8gsdz?key=05d179513af5f2b642c3680603f7b3ad
https://exemptrequest.com/t9hfrpjhb?key=4bf5fd9e37e7715f00ff7359b1c6816a

3 KB
3 KB

361ms
117ms

Document
text/html

173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://exemptrequest.com/t9hfrpjhb?key=4bf5fd9e37e7715f00ff7359b1c6816a

Requested by

Host: appurl.io
URL: https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1693739746747

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

a2eb242d58126c81ea04cd00404bce37f2f4b55a308d65502b55364c8da39562

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://appurl.io/fG4_eGdA89
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 05 Sep 2023 19:32:48 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.21.6
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
X-Request-ID: 53ba84eb7acde11388fd6ab819833ecc

Redirect headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Tue, 05 Sep 2023 19:32:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://exemptrequest.com/t9hfrpjhb?key=4bf5fd9e37e7715f00ff7359b1c6816a
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.21.6
Strict-Transport-Security: max-age=0; includeSubdomains
X-Request-ID: 31dd2dbe0e7293beaf98e5936a85ea13

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js
www.gstatic.com/mysidia/ Frame 6095 9 KB
4 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1693732547&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2FfG4_eGdA89&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693942366747&bpp=3&bdt=407&idt=235&shv=r20230831&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&correlator=659771562749&frm=20&pv=2&ga_vid=153740058.1693942367&ga_sid=1693942367&ga_hid=2053051544&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077327%2C31077560&oid=2&pvsid=2229122365326580&tmod=1211324368&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ml7gTmKde3&p=https%3A//appurl.io&dtd=248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 14:39:46 GMT

GET
H2 200 b293f88652ab0f749d3615e759df59dc.js
www.gstatic.com/mysidia/ Frame 6095 11 KB
5 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 14:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 14:52:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6095 14 KB
2 KB 87ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Sep 2023 19:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 18:05:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Sep 2023 19:32:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 6095 2 KB
972 B 25ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:30:11 GMT

GET
H2 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/ Frame 6095 23 KB
9 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:30:11 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 6095 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:42 GMT

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 6095 20 KB
8 KB 80ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:25:41 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6095 181 KB
57 KB 89ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:32:48 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 6095 36 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H3 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame 63EF 143 B
166 B 24ms
24ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1693732547&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2FfG4_eGdA89&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693942366747&bpp=3&bdt=407&idt=235&shv=r20230831&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&correlator=659771562749&frm=20&pv=2&ga_vid=153740058.1693942367&ga_sid=1693942367&ga_hid=2053051544&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=603&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077327%2C31077560&oid=2&pvsid=2229122365326580&tmod=1211324368&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ml7gTmKde3&p=https%3A//appurl.io&dtd=248
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6095 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 63EF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
36ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:32:48 GMT
expires: Tue, 05 Sep 2023 19:32:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 19:32:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ 154 KB
52 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://appurl.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53649
x-xss-protection: 0
server: cafe
etag: 17074441368910669732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:32:48 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6095 33 KB
34 KB 83ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 311327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 05:04:01 GMT

GET
H3 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230831/r20110914/ Frame 5780 0
0 23ms
23ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230831/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appurl.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 22:12:41 GMT
etag: 9878862242593084568
expires: Mon, 18 Sep 2023 22:12:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET adview
googleads.g.doubleclick.net/pagead/ Frame 6095 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 6095 0
0

GET stats
professionalswebcheck.com/ 0
0

GET
H2

200

Primary Request german
de.camterest.com/girls/
Redirect Chain

https://exemptrequest.com/api/users?token=L3Q5aGZycGpoYj9rZXk9NGJmNWZkOWUzN2U3NzE1ZjAwZmY3MzU5YjFjNjgxNmEmcHN0PTE2OTM5NDI0Mjgmcm10Yz10JnNodT0zMDFkNGYxZGQwNzBiYzdlODQwZWRmM2YxNTMwZTA1ZWIzMDM0NDAyZGY...
https://go.camterest.com/smartpop/5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8?userId=b29d5de8081854ddfa64062b762e5cdd52ba5a9ca8232adaa0bb5b33afa805c0&memberId=2a7ac697a796413b0...
https://go.camterest.com/api/goToTheTag?action=sbSignupWithModel&campaignId=5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8&campaignType=smartpop&creativeId=679e84a8d864af9857dae07...
https://camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnadov9b3d4ahfsh1wxbz7x6i1s9w7gagmx8q7pxzv1&campaignId=5cad3c1caba869d88fad5ee079b8d701edd64c2f2d1093483...
https://de.camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnadov9b3d4ahfsh1wxbz7x6i1s9w7gagmx8q7pxzv1&campaignId=5cad3c1caba869d88fad5ee079b8d701edd64c2f2d1093...

20 KB
0

2075ms
2008ms

Document
text/html

45.131.145.131
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://de.camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnadov9b3d4ahfsh1wxbz7x6i1s9w7gagmx8q7pxzv1&campaignId=5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8&p1=ctp&realDomain=go.camterest.com&referrer=https%3A%2F%2Fexemptrequest.com%2F&stripbotVariation=NullWidget&userId=b29d5de8081854ddfa64062b762e5cdd52ba5a9ca8232adaa0bb5b33afa805c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.131 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	deny

Request headers

Referer: https://exemptrequest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Sep 2023 19:32:51 GMT
server: Caddy nginx
strict-transport-security: max-age=15768000
x-backend: india-wl-ssr-application-b7c9f4655-pbwnr
x-branch: master
x-cache-status: EXPIRED
x-frame-options: deny
x-geoip: DE

Redirect headers

content-length: 138
content-type: text/html
date: Tue, 05 Sep 2023 19:32:49 GMT
location: https://de.camterest.com/girls/german?action=sbSignupWithModel&affiliateId=050923xk5e7ghfyp6zahkhnadov9b3d4ahfsh1wxbz7x6i1s9w7gagmx8q7pxzv1&campaignId=5cad3c1caba869d88fad5ee079b8d701edd64c2f2d10934839acb742df41a4f8&p1=ctp&realDomain=go.camterest.com&referrer=https%3A%2F%2Fexemptrequest.com%2F&stripbotVariation=NullWidget&userId=b29d5de8081854ddfa64062b762e5cdd52ba5a9ca8232adaa0bb5b33afa805c0
server: Caddy nginx
strict-transport-security: max-age=15768000
x-frame-options: deny

GET bootstrap_light.20230904130613.css
assets.strpst.com/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adview?ai=CNhGVX4L3ZIK3C52r78EP39qCgAyYz_3mcuKc9v_cEaOPzP2RDhABIKifqQhglYKAgLAHoAGN7InRKcgBAagDAcgDywSqBL8BT9B5dFPsM5WvBmuTNTWZLuVK4SUfUcoQvce9qwWHnnvBgx0HF3LAAURW9ThSIH5ACUQy1QZvIUK8C6L09LZvnWoXqy-6ZG3sALp2sOAQbBvLglxxvxaqBwzAWlX7_K5m33H7DWogxPqGznDn-XZrqE0fuS-c0cXmMoGqi-DbSTosGhmAwqLSouPp3Ej-RYvG2TEQCbbdcCOUmRFs0Y5N_dE94se6J8IVuSoc7_JDeN98fmd1WnTTcX2UAzM828fABOr38P65BIgFkaSX80uSBQQIBBgBkgUECAUYBIAHjaTasASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDS3QvSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mglyaHR0cHM6Ly93d3cuZ2xvYmFsc291cmNlcy5jb20vP3V0bV9tZWRpdW09c2VtUiZzb3VyY2U9MTM5MTcyOCZ1dG1fc291cmNlPTEzOTE3Mjgmc291cmNlPTEzOTE3MjgmdXRtX3NvdXJjZT0xMzkxNzI4gAoByAsB2BMC0BUBmBYBgBcBshccChoIABIUcHViLTY1MDM5NDcxMDA3Mzc1ODIYAA&sigh=5dfxb8UayrE&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWHyg3jU6zeNHmaZveofCWZcZqwnNOABgB&cbvp=2&vis=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm1UOX5jViH3AfL_HTv1pLmzSh5ukDMRiK5x95dWxOCd67GGL476fOU23kKl1nvkKKhwD8MRSJf4Lr0S_O99qtWWTV_CKiMH409OQg5-nWTRIj9scs2gVaLeXw0KWcRdX6LL2MkCGAs7rC&sai=AMfl-YQNV1j9QmKiVRxAjdKpCFbRsj8rLy3gJnc1lCeqGXnT3oRoGpr_mUcmIRj7CD8trx2WKZ8qjTJrV6se&sig=Cg0ArKJSzOsLwIISPwKeEAE&cid=CAQSGwBpAlJWHyg3jU6zeNHmaZveofCWZcZqwnNOABgB&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=646328967&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1693942366997&rpt=1359&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: professionalswebcheck.com
URL: https://professionalswebcheck.com/stats

Domain: assets.strpst.com
URL: https://assets.strpst.com/assets/bootstrap_light.20230904130613.css

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
exemptrequest.com/api	1970-01-20 14:33:48	Name: pdhtkv Value: true
exemptrequest.com/api	1970-01-20 14:33:48	Name: uncs Value: 1
exemptrequest.com/api	1970-01-20 14:33:48	Name: pdhtkv28 Value: true
exemptrequest.com/api	1970-01-20 14:33:48	Name: uncs28 Value: 1
.appurl.io/	1970-01-21 00:08:22	Name: _ga Value: GA1.2.153740058.1693942367
.appurl.io/	1970-01-20 14:33:48	Name: _gid Value: GA1.2.1073537867.1693942367
.appurl.io/	1970-01-20 14:32:22	Name: _gat Value: 1
.appurl.io/	1970-01-20 23:17:58	Name: cf_clearance Value: HpebClZSywZluEmVxL4yZfe96InArU_MFd8YYMm1ir0-1693942366-0-1-a9525a8.aeea051a.5d947a48-0.2.1693942366
.appurl.io/	1970-01-21 00:08:22	Name: _ga_L4PYPET04L Value: GS1.2.1693942366.1.0.1693942366.0.0.0
.appurl.io/	1970-01-20 23:53:58	Name: __gads Value: ID=326552ccfcac816b-22dad99368de003d:T=1693942367:RT=1693942367:S=ALNI_MZkRbx_Nz7K6L1HQEoDPDvhJdmyUQ
.appurl.io/	1970-01-20 23:53:58	Name: __gpi Value: UID=00000d901ea2688e:T=1693942367:RT=1693942367:S=ALNI_MaFyiXGJdHz6KbSx6GO6y1B4vgQOA
cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: led7g8j6dvi3r5nauu04i3io9q
www.highcpmrevenuegate.com/	1970-01-20 14:33:48	Name: u_pl Value: 20274342
.doubleclick.net/	1970-01-20 14:32:25	Name: DSID Value: NO_DATA
exemptrequest.com/	1970-01-20 14:33:48	Name: u_pl Value: 20196215
exemptrequest.com/	1970-01-20 14:32:22	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDE5NjIxNSwiayI6IjRiZjVmZDllMzdlNzcxNWYwMGZmNzM1OWIxYzY4MTZhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyODQ0MTMzLCJwaWQiOjI3NTcsImFuIjpmYWxzZSwibGFuIjpmYWxzZSwiY2lkIjoyNCwiYWlkIjoyOCwicHQiOjQsInBrIjoidDloZnJwamhiIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE5NzQ4MDc3OSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyODEyMywiYm4iOiJDaHJvbWUiLCJidiI6IjExNiIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjU3LCJjIjoiREUiLCJuIjoiR2VybWFueSJ9LCJhIjp0cnVlLCJjciI6eyJuIjoiS2V5d2ViIEFHIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIn19.q6n39In8rqYjWlPdSDqfP4ZvVhuoJAfwZFAOt-BwO7s
exemptrequest.com/	1970-01-20 14:32:22	Name: cjs Value: t
.doubleclick.net/	1970-01-20 23:53:58	Name: IDE Value: AHWqTUnzi8GzJjo-WqQCBMxNKUc7axTiYjcrOUY0FKTP-FSAxX-il0cBTd07Xfpzt64
.googleadservices.com/	1970-01-20 16:41:58	Name: ar_debug Value: 1
go.camterest.com/	1970-01-20 15:15:34	Name: _var Value: 68087848.31780_OTFkZTI3N2Q=
.go.camterest.com/	1970-01-20 15:15:34	Name: stripbotVariationName-StripcashTest16 Value: NullWidget

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appurl.io
assets.strpst.com
camterest.com
code.jquery.com
cutt.ly
de.camterest.com
exemptrequest.com
fonts.googleapis.com
fonts.gstatic.com
go.camterest.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
professionalswebcheck.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.highcpmrevenuegate.com
assets.strpst.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
professionalswebcheck.com
173.233.137.52
173.233.137.60
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3b
2606:4700:10::ac43:8ee
2606:4700:20::ac43:4856
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:803::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
45.131.145.131
45.131.145.132
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
4720b14dd1b341e84412f3485466803f2a6afcc736b7ce65dc45230febcacb50
5e41a7428c89d172ea125c6b0bd7a3e04250d8a949f82a4dd7d8f84586192aa8
7ba6138eaa3b449074e3929b5d5e31622ba0f78e88b183ebcb8309337ecee15b
80bc44f020c8b658e0f835ac3c7cec784eac1595e9318f133fa3b73eed2be3b9
8a5f47a2936bd98791ef75f9caefa41cb73b06e1bc120bace4fd22f2bdb81c51
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9b90fe8ca17354fcf561124cace86047f91d88f5445561ae0bbd302e585322a1
a2eb242d58126c81ea04cd00404bce37f2f4b55a308d65502b55364c8da39562
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0cca353da10587986b5da53a4ed0391880809af5c1101f3047b5fc5e3383742
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8e703adf731c76be52f8ed94756940446a493cfb92f14a5432c33db5b2a7a36
fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217

de.camterest.com Open in urlscan Pro 45.131.145.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

87 %HTTPS

79 %IPv6

18 Domains

23 Subdomains

16 IPs

4 Countries

641 kBTransfer

1840 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

de.camterest.com Open in urlscan Pro
45.131.145.131 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

87 %
HTTPS

79 %
IPv6

18
Domains

23
Subdomains

16
IPs

4
Countries

641 kB
Transfer

1840 kB
Size

21
Cookies

39 HTTP transactions
1 data transactions