t3aonline.net Open in urlscan Pro
185.17.144.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://online.the3rdage.net/
Effective URL:
https://t3aonline.net/
Submission: On April 28 via manual (April 28th 2021, 11:52:55 pm UTC) from AU

Summary HTTP 156 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 19 domains to perform 156 HTTP transactions. The main IP is 185.17.144.132, located in Germany and belongs to LEASEWEB-DE-FRA-10, DE. The main domain is t3aonline.net.
TLS certificate: Issued by R3 on March 12th 2021. Valid for: 3 months.

This is the only time t3aonline.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 59	185.17.144.132 185.17.144.132	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
26	2a00:c98:2050... 2a00:c98:2050:a054:4::	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
7	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	79.137.68.187 79.137.68.187	16276 (OVH) (OVH)
156	14

59 185.17.144.132 (Germany) 1 redirects

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: ripper.icetex-hosting.net

online.the3rdage.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t3aonline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
info.server.cnc-online.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:c98:2050:a054:4:: (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

ads.revora.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bar.revora.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.227.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.68.187 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm9.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	t3aonline.net 1 redirects t3aonline.net	1 MB
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	483 KB
26	revora.net ads.revora.net bar.revora.net	59 KB
22	the3rdage.net online.the3rdage.net	588 KB
17	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	55 KB
6	google.com 1 redirects adservice.google.com www.google.com	1015 B
4	googletagservices.com www.googletagservices.com	126 KB
4	google.de adservice.google.de	1 KB
4	google-analytics.com www.google-analytics.com	36 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	762 B
2	paypalobjects.com www.paypalobjects.com	1 KB
2	googleadservices.com partner.googleadservices.com	854 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	304 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	quantserve.com cms.quantserve.com	465 B
1	cnc-online.net info.server.cnc-online.net	1 KB
156	19

	Domain	Requested by
36	t3aonline.net	1 redirects t3aonline.net
24	bar.revora.net	online.the3rdage.net bar.revora.net t3aonline.net
22	online.the3rdage.net	online.the3rdage.net
17	pagead2.googlesyndication.com	ads.revora.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
4	www.google-analytics.com	online.the3rdage.net t3aonline.net www.google-analytics.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	www.paypalobjects.com	t3aonline.net
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	ads.revora.net	online.the3rdage.net t3aonline.net
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	info.server.cnc-online.net	t3aonline.net
156	23

This site contains links to these domains. Also see Links.

Domain
www.revora.net
www.facebook.com
discord.gg
revora.net
www.the3rdage.net
www.gamereplays.org
server.cnc-online.net
forums.revora.net

Subject Issuer	Validity	Valid
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
t3aonline.net R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
ads.revora.net cPanel, Inc. Certification Authority	`2020-12-31` - `2021-03-31`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-04-19` - `2022-01-11`	9 months	crt.sh
bar.revora.net R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
server.cnc-online.net R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://t3aonline.net/
Frame ID: 74892BD54E8EDE188DEB4A3452E02CCB
Requests: 114 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html
Frame ID: 5B03D8D4A5F94FDFF19B391E8A5E899A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=2245490425&adk=2513646384&adf=955934993&pi=t.ma~as.2245490425&w=120&lmt=1509914650&url=http%3A%2F%2Fonline.the3rdage.net%2F&flash=0&wgl=1&dt=1619653958059&bpp=24&bdt=133&idt=88&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8265793670272&frm=20&pv=2&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1458&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1397964089763358&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=njY0IfOUrt&p=http%3A//online.the3rdage.net&dtd=108
Frame ID: CF44EF64468A78756830F8985FEA239C
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 69DA4BFCE5BC9C8824D26E5D8F11E8B3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
Frame ID: 539F00622608B2B9F95CF2EF8C21677D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&adk=1812271804&adf=3025194257&lmt=1509914650&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fonline.the3rdage.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1619653958713&bpp=4&bdt=787&idt=4&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fd29073e922ec90-225005a4f6c70011%3AT%3D1619653958%3ART%3D1619653958%3AS%3DALNI_Mah4cbyLDoOHPALxbaprirTFsBotg&prev_slotnames=2245490425&nras=1&correlator=8265793670272&frm=20&pv=1&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&psts=AGkb-H8keoNMnxbEHloJbt6X4UD9AVximlKef0nag6VOglCkMIjSjqr-FoOA4MdOMWy2QJoO1V7WXHIyOOQ&pvsid=1397964089763358&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=10
Frame ID: EBF7641B836629F6B01774613C7DE1E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 395C2998D3BC350C3B8D69E3FBE1891B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html
Frame ID: EFC5E5021A3EA178CDE1C0104C81AEED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=4264655683&adf=3240750105&pi=t.ma~as.8497838249&w=120&lmt=1619653964&url=https%3A%2F%2Ft3aonline.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619653964215&bpp=48&bdt=151&idt=109&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=79865575646&frm=20&pv=2&ga_vid=1519302360.1619653964&ga_sid=1619653964&ga_hid=506349865&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1468&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2782390440334303&ref=http%3A%2F%2Fonline.the3rdage.net%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gUMYd5zf7Q&p=https%3A//t3aonline.net&dtd=129
Frame ID: 3A3D20FB715AA934A7F499FA66EE136E
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1B4A4BCD8B22393E5610F877DE5D0C29
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js
Frame ID: CE42A6B056569F98C9B24239D915A75F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&adk=1812271804&adf=3025194257&lmt=1619653964&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ft3aonline.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619653964989&bpp=1&bdt=925&idt=2&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddc354a5da123cda9-2206a617f4c70040%3AT%3D1619653964%3ART%3D1619653964%3AS%3DALNI_Mbt7yyZp2a_CSnxzb2wNdnAET-Xuw&prev_slotnames=8497838249&nras=1&correlator=79865575646&frm=20&pv=1&ga_vid=1519302360.1619653964&ga_sid=1619653964&ga_hid=506349865&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&psts=AGkb-H9SEqOKbJZjzDFzr3kVXeVAx0i9mB51l1KkzSqP7VOSn40X26cXs6wIdtVjRMqq_tyfTbrsu7OTfLU&pvsid=2782390440334303&ref=http%3A%2F%2Fonline.the3rdage.net%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=11
Frame ID: B0E93220AF4AE53ECF7A524D4C28B50D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E2688BEBDB583FA9F5270769BA986CEF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://online.the3rdage.net/ Page URL
http://t3aonline.net/ HTTP 301
https://t3aonline.net/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

156
Requests

76 %
HTTPS

50 %
IPv6

19
Domains

23
Subdomains

14
IPs

5
Countries

2447 kB
Transfer

3642 kB
Size

6
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.revora.net/donate
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BFMEOnline/
Title: Find us on

Search URL Search Domain Scan URL

URL: https://discord.gg/QezNqAs
Title: Join

Search URL Search Domain Scan URL

URL: https://discord.gg/y2aWKvG
Title: Discord server

Search URL Search Domain Scan URL

URL: http://revora.net/

Search URL Search Domain Scan URL

URL: http://www.the3rdage.net/

Search URL Search Domain Scan URL

URL: http://www.gamereplays.org/

Search URL Search Domain Scan URL

URL: http://server.cnc-online.net/downloads/t3aonline/T3AOnline_2.1.3.msi
Title: T3A:Online launcher

Search URL Search Domain Scan URL

URL: http://forums.revora.net/forum/2671-t3aonline-support-talk/
Title: T3A:Online support forums

Search URL Search Domain Scan URL

URL: http://forums.revora.net/topic/87750-t3aonline-installation-support/
Title: read this installation topic

Search URL Search Domain Scan URL

URL: http://forums.revora.net/topic/87772-fixing-connection-issues-port-forwarding-guide/
Title: read this connection topic

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://online.the3rdage.net/ Page URL
http://t3aonline.net/ HTTP 301
https://t3aonline.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 12

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=297832695&utmhn=online.the3rdage.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T3A%3AOnline%20-%20The%20Return%20of%20BFME%20Multiplayer&utmhid=1443133843&utmr=-&utmp=%2F&utmht=1619653957995&utmac=UA-6027426-1&utmcc=__utma%3D80656457.167988659.1619653958.1619653958.1619653958.1%3B%2B__utmz%3D80656457.1619653958.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1011959749&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=297832695&utmhn=online.the3rdage.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T3A%3AOnline%20-%20The%20Return%20of%20BFME%20Multiplayer&utmhid=1443133843&utmr=-&utmp=%2F&utmht=1619653957995&utmac=UA-6027426-1&utmcc=__utma%3D80656457.167988659.1619653958.1619653958.1619653958.1%3B%2B__utmz%3D80656457.1619653958.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1011959749&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 139

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULoEWy9BGMzGwXh7k7vBj99HKBExneikDzB7x1Fe50aLrWCW6d9m5zw-sqFckza5f26ZbND9h5FAfHwx04ognSOvpmgV7iY&google_gid=CAESEHx-z6Z7uC9LHwfu2esmXAk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUluMVRBQUFBS0JZdFJOQA&google_push=AQvitULoEWy9BGMzGwXh7k7vBj99HKBExneikDzB7x1Fe50aLrWCW6d9m5zw-sqFckza5f26ZbND9h5FAfHwx04ognSOvpmgV7iY

Request Chain 140

https://rtb.openx.net/sync/dds?google_gid=CAESEDG0mFlo3fT2arN4Kuvkug4&google_cver=1&google_push=AQvitUJEgTVlmqfKVyI-l3rBlL0IyKSRnX-Bu4Rrea3TcPX9-tYm4kIqq-VBViTmU3Wvo68mkLHHFekFsmfkEazxPEHTofRX9h8a HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDG0mFlo3fT2arN4Kuvkug4&google_cver=1&google_push=AQvitUJEgTVlmqfKVyI-l3rBlL0IyKSRnX-Bu4Rrea3TcPX9-tYm4kIqq-VBViTmU3Wvo68mkLHHFekFsmfkEazxPEHTofRX9h8a&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJEgTVlmqfKVyI-l3rBlL0IyKSRnX-Bu4Rrea3TcPX9-tYm4kIqq-VBViTmU3Wvo68mkLHHFekFsmfkEazxPEHTofRX9h8a&google_hm=7R0Uxkv6yfI8HMRoQBhNiQ==

Request Chain 141

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8Zb1w3rKpOF9niwWg3l6M&google_cver=1&google_push=AQvitULOqghkJjrAqctbF4GToAJNe4dRG8mjcXwHOIPFW1Hs_DmVuX5PmB_4vmoyw92dexzIkfhAkgjCtKSlsEfy6den1hl8vzjH HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8Zb1w3rKpOF9niwWg3l6M&google_cver=1&google_push=AQvitULOqghkJjrAqctbF4GToAJNe4dRG8mjcXwHOIPFW1Hs_DmVuX5PmB_4vmoyw92dexzIkfhAkgjCtKSlsEfy6den1hl8vzjH&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZY_H5jnISsKF09KsCi6L7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULOqghkJjrAqctbF4GToAJNe4dRG8mjcXwHOIPFW1Hs_DmVuX5PmB_4vmoyw92dexzIkfhAkgjCtKSlsEfy6den1hl8vzjH

Request Chain 142

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEr93zzyyZkqi8jSAXQiwsc&google_cver=1&google_push=AQvitUJSkIFR_Nb-LMUxmECMqd6_NOqRNt4wJqPkFE_9fIgTEQqHZutZxGs8Xnm4xt-q7KevnYznQ0LYFJbx2lr2p-bK88Mh5foo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08yNDVITzMtNC03STdD&google_push=AQvitUJSkIFR_Nb-LMUxmECMqd6_NOqRNt4wJqPkFE_9fIgTEQqHZutZxGs8Xnm4xt-q7KevnYznQ0LYFJbx2lr2p-bK88Mh5foo

Request Chain 143

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3bqy7ulLgA1LU1ymCdfa4&google_cver=1&google_push=AQvitULTjzPRwRKYrjzaTezaJ7ZWuEou3WkkbSQMzTcBwqO_N63LKvAIFYdS4bkMvWYx9ZKKm3Awu7ZGXGJuM4zi0qAKAUrLpAw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3bqy7ulLgA1LU1ymCdfa4&google_cver=1&google_push=AQvitULTjzPRwRKYrjzaTezaJ7ZWuEou3WkkbSQMzTcBwqO_N63LKvAIFYdS4bkMvWYx9ZKKm3Awu7ZGXGJuM4zi0qAKAUrLpAw&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIn1TKE6r44iu1KRdGAUQAAABGkAAAAB&google_push=AQvitULTjzPRwRKYrjzaTezaJ7ZWuEou3WkkbSQMzTcBwqO_N63LKvAIFYdS4bkMvWYx9ZKKm3Awu7ZGXGJuM4zi0qAKAUrLpAw&google_cver=1&google_gid=CAESEI3bqy7ulLgA1LU1ymCdfa4

Request Chain 144

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOPIoqUeRUkDj_jrOBVS18A&google_cver=1&google_push=AQvitUJNMETm3GGpAUpxy5Fnl8SJARF_j1FsUzBiboBmjrpOxA6ql0W__TihgGpuy9ki4_RAhy__S1bFVi_jE6XUH4SPqAw8kcxc HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJNMETm3GGpAUpxy5Fnl8SJARF_j1FsUzBiboBmjrpOxA6ql0W__TihgGpuy9ki4_RAhy__S1bFVi_jE6XUH4SPqAw8kcxc&google_hm=

156 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
online.the3rdage.net/ 4 KB
2 KB 349ms
42ms Document
text/html 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2854680526ddb8f83d2fc8ad6e6373ccef0c27d191d0848ed800e2a44f66564a

Request headers

Host: online.the3rdage.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 28 Apr 2021 23:52:37 GMT
Content-Type: text/html
Last-Modified: Sun, 05 Nov 2017 20:44:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"59ff781a-fd2"
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
online.the3rdage.net/style/ 15 KB
15 KB 28ms
27ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: http://online.the3rdage.net/style/style.css
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d40be97635358c67c894ac7ae28aca38629260c97c097823c4105b6a5742f540

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://online.the3rdage.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:37 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff780a-3ba1"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15265

GET
H/1.1 200
OK adscript.js Show response
ads.revora.net/static/ 7 KB
3 KB 29ms
7ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.revora.net/static/adscript.js
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 72741acd66724a989274233e8d64bb667389ec0bff47750ecf9099ae5d0c784e

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 May 2016 17:54:41 GMT
Server: Apache/2
ETag: "1a45-532bcf8163a40-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 2424

GET
H/1.1 200
OK bootstrap-carousel.css
online.the3rdage.net/style/ 4 KB
4 KB 44ms
31ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: http://online.the3rdage.net/style/bootstrap-carousel.css
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f36c969375f6fe75aa1dacfbb4824eae8bbf87023d9b01d28f7e24f396db446b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://online.the3rdage.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:37 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff780a-1077"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4215

GET
H/1.1 200
OK bar.js Show response
bar.revora.net/ 2 KB
1 KB 28ms
7ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: http://bar.revora.net/bar.js
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: fc23d6412c7b248fab040a2b6639ff2e8b7fc8fe04ae8dc2595c48bdd0c29910

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 May 2016 23:45:12 GMT
Server: Apache/2
ETag: "674-532adbfca7200-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 675

GET
H/1.1 200
OK logo_t3aonline.png
online.the3rdage.net/images/ 33 KB
33 KB 25ms
24ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/logo_t3aonline.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ed19bf4f63123be89ef2e9d7469f158359da2c3d89ccdfea44ce0b2f3175757e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:37 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f3-8311"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33553

GET
H/1.1 200
OK logo_t3a.png
online.the3rdage.net/images/ 68 KB
69 KB 25ms
24ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/logo_t3a.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4127736fe523600d9c8cd4c1266c5c51798f15a373e97755c2c834fd6088e36a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:37 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f3-11137"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69943

GET
H/1.1 200
OK frame_tc.png
online.the3rdage.net/images/ 4 KB
5 KB 33ms
25ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_tc.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2471cf34ff0fcf1018f427e15b20f624dc61c37a98cfebb429f5918f3d0970c5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:28 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f0-1193"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4499

GET
H/1.1 200
OK frame_lc.png
online.the3rdage.net/images/ 5 KB
5 KB 62ms
24ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_lc.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef64649cc13231b80be0fc92ce6d7dd8c9a474cb8c941796549800cd79520a97

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f1-12e1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4833

GET
H/1.1 200
OK frame_rc.png
online.the3rdage.net/images/ 5 KB
5 KB 73ms
24ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_rc.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ec1c81d004f3a59fb1360e1a3d31ee5ec8343149f953a4a9ef29a0f754128522

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:28 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f0-1255"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4693

GET
H/1.1 200
OK frame_bc.png
online.the3rdage.net/images/ 4 KB
5 KB 74ms
25ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_bc.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 732f27153a5a21e285b6a5a5037fa7a72e5a4758b37d681965bdf66420a38a14

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f2-1118"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4376

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: online.the3rdage.net
URL: http://online.the3rdage.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3504
date: Wed, 28 Apr 2021 22:54:13 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 29 Apr 2021 00:54:13 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H3-29

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=297832695&utmhn=online.the3rdage.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=297832695&utmhn=online.the3rdage.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...

35 B
54 B

23ms
21ms

Image
image/gif

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=297832695&utmhn=online.the3rdage.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T3A%3AOnline%20-%20The%20Return%20of%20BFME%20Multiplayer&utmhid=1443133843&utmr=-&utmp=%2F&utmht=1619653957995&utmac=UA-6027426-1&utmcc=__utma%3D80656457.167988659.1619653958.1619653958.1619653958.1%3B%2B__utmz%3D80656457.1619653958.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1011959749&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: online.the3rdage.net
URL: http://online.the3rdage.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=297832695&utmhn=online.the3rdage.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T3A%3AOnline%20-%20The%20Return%20of%20BFME%20Multiplayer&utmhid=1443133843&utmr=-&utmp=%2F&utmht=1619653957995&utmac=UA-6027426-1&utmcc=__utma%3D80656457.167988659.1619653958.1619653958.1619653958.1%3B%2B__utmz%3D80656457.1619653958.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1011959749&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bar_system.js Show response
bar.revora.net/ 11 KB
3 KB 15ms
7ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: http://bar.revora.net/bar_system.js
Requested by: Host: bar.revora.net
URL: http://bar.revora.net/bar.js
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: c4ef859427cb7724627a9c82fcf5323dd28c36bd9b22b89e5c06ffb3dc8c06e0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jul 2014 22:26:43 GMT
Server: Apache/2
ETag: "2cb1-4fd3d6305cec0-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 2600

GET
H/1.1 200
OK rnb_default.css
bar.revora.net/ 5 KB
2 KB 9ms
7ms Stylesheet
text/css 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: http://bar.revora.net/rnb_default.css
Requested by: Host: bar.revora.net
URL: http://bar.revora.net/bar.js
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: a7156badf9e06c20cec6608b802cb82633c3bafaf62ba711c0d1c95245113a73

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 May 2016 23:56:31 GMT
Server: Apache/2
ETag: "14a1-532ade84329c0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1737

GET
H/1.1 200
OK bar_content.js Show response
bar.revora.net/ 40 KB
7 KB 16ms
9ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: http://bar.revora.net/bar_content.js
Requested by: Host: bar.revora.net
URL: http://bar.revora.net/bar.js
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 23d98d3f1c3a43aee9f4023a42127fedae05b2b67118efc3bc251854809bf8c5

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 May 2016 13:56:06 GMT
Server: Apache/2
ETag: "9fac-5331e380d8980-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 6893

GET
H/1.1 200
OK head_bg.png
online.the3rdage.net/images/ 399 KB
399 KB 88ms
45ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/head_bg.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0bc6c04193084c292185fbc6e8482e797e9e378f61bc228a8ca52e19a9d9a9ba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:28 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f0-63a98"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 408216

GET
H/1.1 200
OK userbar_bg.png
online.the3rdage.net/images/ 6 KB
6 KB 36ms
34ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/userbar_bg.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 884bf116007f250562b57f28d782d80b6130ed7343942aced03a08dd049b15bd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f3-1866"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6246

GET
H/1.1 200
OK bg.png
online.the3rdage.net/images/ 8 KB
8 KB 34ms
33ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/bg.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fa9bf85920aefa3e221aef0d61a71a95b213faf0874ede1f393152f42e7ac7cd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:28 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f0-202e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8238

GET
H/1.1 200
OK frame_tl.png
online.the3rdage.net/images/ 308 B
555 B 34ms
32ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_tl.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 66a0577fea988532c0eb95fc61c41ac6eac979e6c9771493fab516f71ab13c11

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f2-134"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 308

GET
H/1.1 200
OK frame_t.png
online.the3rdage.net/images/ 299 B
546 B 46ms
25ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_t.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1b8c66888665edcd9465ce192cf5ba528880a75047fa57950b7843666d0c0e03

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f3-12b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 299

GET
H/1.1 200
OK frame_tr.png
online.the3rdage.net/images/ 320 B
567 B 37ms
35ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_tr.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2b42b3088b5dcdfef483335a041a4f4a0913443e6fc7dac1716db9655e88d98b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:28 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f0-140"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 320

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 91 KB
33 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.revora.net
URL: http://ads.revora.net/static/adscript.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c14f29c7a023955bb4e94c3742339ce4b4aa3d639d7fc98c4045f3e46076bed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Timing-Allow-Origin: *
Date: Wed, 28 Apr 2021 23:52:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5162291175011496970
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 33087
X-XSS-Protection: 0
Expires: Wed, 28 Apr 2021 23:52:38 GMT

GET
H/1.1 200
OK section-revora.png
bar.revora.net/images/sections/ 658 B
928 B 8ms
6ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bar.revora.net/images/sections/section-revora.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 95b0a3950851bcf7b5d45eb07e2d18a0666077ddda9e1bc1d0766a919cc24fc1

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Wed, 02 Jul 2014 22:26:43 GMT
Server: Apache/2
ETag: "292-4fd3d6305cec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 658

GET
H/1.1 200
OK section-cnc.png
bar.revora.net/images/sections/ 1 KB
1 KB 8ms
6ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bar.revora.net/images/sections/section-cnc.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 81f153eeb5f4623e923029983e8c8f0ac0f485d52e5ad9569bdcb53b9a375f54

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Wed, 02 Jul 2014 22:26:43 GMT
Server: Apache/2
ETag: "492-4fd3d6305cec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1170

GET
H/1.1 200
OK section-bfme.png
bar.revora.net/images/sections/ 1 KB
1 KB 8ms
6ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bar.revora.net/images/sections/section-bfme.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: c506e90b46af2b80e36cc23516ac15fb03f00df24cda5357d434734cfa2bbfa0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Wed, 02 Jul 2014 22:26:43 GMT
Server: Apache/2
ETag: "4c7-4fd3d6305cec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 1223

GET
H/1.1 200
OK section-petro.png
bar.revora.net/images/sections/ 2 KB
2 KB 13ms
6ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bar.revora.net/images/sections/section-petro.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 94cd1b15da1857ed1637f3d9ef293650256a57d261d6e642723e6d673dd46886

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Wed, 02 Jul 2014 22:26:43 GMT
Server: Apache/2
ETag: "791-4fd3d6305cec0"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=2, max=100
Content-Length: 1937

GET
H/1.1 200
OK section-etc.png
bar.revora.net/images/sections/ 1 KB
1 KB 15ms
7ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bar.revora.net/images/sections/section-etc.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 1ca7e2aaa6d6eab6748b20605586049a241c0c020ae7e4086d8f41a523f23656

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Wed, 02 Jul 2014 22:26:43 GMT
Server: Apache/2
ETag: "4ce-4fd3d6305cec0"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=2, max=100
Content-Length: 1230

GET
H/1.1 200
OK section-donate.png
bar.revora.net/images/sections/ 1 KB
2 KB 14ms
7ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bar.revora.net/images/sections/section-donate.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 2eb67b833a99fb00e94d2a831c5f05d594e2332287f31269a6c12c39f17d0336

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Wed, 02 Jul 2014 22:26:43 GMT
Server: Apache/2
ETag: "507-4fd3d6305cec0"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=2, max=100
Content-Length: 1287

GET
H/1.1 200
OK barbg.png
bar.revora.net/images/ 3 KB
3 KB 7ms
6ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bar.revora.net/images/barbg.png
Requested by: Host: bar.revora.net
URL: http://bar.revora.net/rnb_default.css
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: a7eebede294a23e848a816188a5551725984b01ed240617fb7408c3b8eac826d

Request headers

Referer: http://bar.revora.net/rnb_default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Wed, 02 Jul 2014 22:26:43 GMT
Server: Apache/2
ETag: "b24-4fd3d6305cec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 2852

GET
H/1.1 200
OK bg-notch.png
bar.revora.net/images/ 3 KB
3 KB 7ms
6ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bar.revora.net/images/bg-notch.png
Requested by: Host: bar.revora.net
URL: http://bar.revora.net/rnb_default.css
Protocol: HTTP/1.1
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 79548dceb70e56b6b956cbb4669e6bfc8e8ae7797152635d48eda12fbf2f289a

Request headers

Referer: http://bar.revora.net/rnb_default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Wed, 02 Jul 2014 22:26:43 GMT
Server: Apache/2
ETag: "b58-4fd3d6305cec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 2904

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ 223 KB
83 KB 46ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-3867839607390295&plah=online.the3rdage.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 5298758904806933499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 23:52:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/ Frame 5B03 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210426/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://online.the3rdage.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://online.the3rdage.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Apr 2021 01:16:17 GMT
expires: Wed, 12 May 2021 01:16:17 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 81381
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK frame_l.png
online.the3rdage.net/images/ 192 B
438 B 24ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_l.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 09690aff18722b3ef68e3d67f9d610ff8329373bf467cbb84c08ac20faef3fb8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f3-c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 192

GET
H/1.1 200
OK frame_r.png
online.the3rdage.net/images/ 312 B
559 B 25ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_r.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cb76b11fbb1f20e04f99fa5ae8555ffd00d9fec465b72b21edea43e1ccb606fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f3-138"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 312

GET
H/1.1 200
OK frame_bl.png
online.the3rdage.net/images/ 317 B
564 B 23ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_bl.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 81dbf3790cf70a135b5d84161bebb8b2d6fb4083e587e91886a4b7b8eb31b76f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f2-13d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 317

GET
H/1.1 200
OK frame_b.png
online.the3rdage.net/images/ 3 KB
3 KB 25ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_b.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2a589cc012760bf4a51613e143d3f3118f467f870f2e4014996c0c9b01419085

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f2-b75"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2933

GET
H/1.1 200
OK frame_br.png
online.the3rdage.net/images/ 238 B
484 B 27ms
25ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/frame_br.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef401723a5f987ab1255b0ed5b567de6c2ccb39ee9e3b6427e9034d1fc87f71c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f3-ee"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238

GET
H/1.1 200
OK bottombar_bg.png
online.the3rdage.net/images/ 6 KB
6 KB 26ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/bottombar_bg.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0c11a09e52ccd3b839163bd07d94213588b23fb9aac7e09717f0dd160b8398b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:28 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f0-1879"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6265

GET
H/1.1 200
OK ringholder.png
online.the3rdage.net/images/ 19 KB
19 KB 28ms
24ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://online.the3rdage.net/images/ringholder.png
Requested by: Host: online.the3rdage.net
URL: http://online.the3rdage.net/style/style.css
Protocol: HTTP/1.1
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a908535933dcc28f0828f9efab43b23991931bcc624ed85cf2bd3ea2a98086e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: online.the3rdage.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://online.the3rdage.net/style/style.css
Cookie: __utma=80656457.167988659.1619653958.1619653958.1619653958.1; __utmc=80656457; __utmz=80656457.1619653958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=80656457.1.10.1619653958
Connection: keep-alive
Cache-Control: no-cache
Referer: http://online.the3rdage.net/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:38 GMT
Last-Modified: Sun, 05 Nov 2017 20:43:30 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "59ff77f2-4ced"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19693

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
639 B 83ms
29ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=online.the3rdage.net&callback=_gfp_s_&client=ca-pub-3867839607390295

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-3867839607390295&plah=online.the3rdage.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

5c05a5e42180315f444931e81251f96ea09d36c4ec2408658e52444bf86f9079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=online.the3rdage.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=online.the3rdage.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF44 55 KB
21 KB 319ms
304ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=2245490425&adk=2513646384&adf=955934993&pi=t.ma~as.2245490425&w=120&lmt=1509914650&url=http%3A%2F%2Fonline.the3rdage.net%2F&flash=0&wgl=1&dt=1619653958059&bpp=24&bdt=133&idt=88&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8265793670272&frm=20&pv=2&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1458&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1397964089763358&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=njY0IfOUrt&p=http%3A//online.the3rdage.net&dtd=108

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f38ffa971c63258acc757d2f96de3a613435032dc95723c7c038eedb18c808a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=2245490425&adk=2513646384&adf=955934993&pi=t.ma~as.2245490425&w=120&lmt=1509914650&url=http%3A%2F%2Fonline.the3rdage.net%2F&flash=0&wgl=1&dt=1619653958059&bpp=24&bdt=133&idt=88&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8265793670272&frm=20&pv=2&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1458&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1397964089763358&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=njY0IfOUrt&p=http%3A//online.the3rdage.net&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://online.the3rdage.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://online.the3rdage.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Apr 2021 23:52:38 GMT
server: cafe
content-length: 21343
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Apr-2021 00:07:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Apr 2021 23:52:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188783439141"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Wed, 28 Apr 2021 23:52:38 GMT

GET
H2 200 17001837757989653194
tpc.googlesyndication.com/simgad/ Frame CF44 19 KB
19 KB 33ms
13ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17001837757989653194?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlqtC6gStp6hQSYpGOUOjPwSVG-wg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=2245490425&adk=2513646384&adf=955934993&pi=t.ma~as.2245490425&w=120&lmt=1509914650&url=http%3A%2F%2Fonline.the3rdage.net%2F&flash=0&wgl=1&dt=1619653958059&bpp=24&bdt=133&idt=88&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8265793670272&frm=20&pv=2&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1458&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1397964089763358&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=njY0IfOUrt&p=http%3A//online.the3rdage.net&dtd=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fefb83f6264d1e1d776051304a57aab90305397dda8e4b517eee088e2ae9c459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:35:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 17:47:45 GMT
server: sffe
age: 548210
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19165
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:35:48 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame CF44 17 KB
7 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 23:21:17 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame CF44 2 KB
1 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 23:46:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF44 116 KB
35 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Wed, 28 Apr 2021 23:52:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame CF44 13 KB
6 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 23:41:08 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame CF44 25 KB
10 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 14:38:15 GMT

GET
H2 200 bg_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/elements/html/ Frame CF44 6 KB
3 KB 30ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/elements/html/bg_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3064051b55452898041bd544760775c16f1745bdf57f68f7178e85ba5d251803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 20:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2682
x-xss-protection: 0
server: cafe
etag: 2526539418818066319
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 20:39:03 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF44 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckij4RvWJYKaYDNSPgAe-4aXoD7CWi_thz4nIkaUOrOri7o4bEAEg2vPrEGCViriCyAegAcLF6dYDyAECqAMByAPJBKoEvAFP0O3H1ePr-o8SrTHcIv0plHBThvbpADrwpxlTA8Z_83mJGxeI-S3oGnSeyvgnKdjLOTnIZRHGSP8BW0B3PdnxzjA2f8h2Svjiev-hh-NVBpQRyu7EHfgCA4cVn_bs7aFscB4Jvuu7w9s9Z5Tnbl2j-s2_GWK4Wez3Ood0_JsKd8GAQCVt90gdR1y6SLX6th241Cjk45Mouf2JMRQ_H_Xbpmh4nwnbV5wyOPDmjclAMFB_Ka6lRNo1pIcn0cAEvI7G3b8DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB6v9jz-oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ2dMh0ggJCIDhgBAQARgfgAoByAsB2BMCshcaChgIABIUcHViLTM4Njc4Mzk2MDczOTAyOTU&sigh=MRGS9f2gXsE

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=2245490425&adk=2513646384&adf=955934993&pi=t.ma~as.2245490425&w=120&lmt=1509914650&url=http%3A%2F%2Fonline.the3rdage.net%2F&flash=0&wgl=1&dt=1619653958059&bpp=24&bdt=133&idt=88&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8265793670272&frm=20&pv=2&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1458&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1397964089763358&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=njY0IfOUrt&p=http%3A//online.the3rdage.net&dtd=108
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 28 Apr 2021 23:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Apr 2021 23:52:38 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 69DA 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=2245490425&adk=2513646384&adf=955934993&pi=t.ma~as.2245490425&w=120&lmt=1509914650&url=http%3A%2F%2Fonline.the3rdage.net%2F&flash=0&wgl=1&dt=1619653958059&bpp=24&bdt=133&idt=88&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8265793670272&frm=20&pv=2&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1458&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1397964089763358&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=njY0IfOUrt&p=http%3A//online.the3rdage.net&dtd=108
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl34tWF8VgR7Hk6LlLXrNG5Ji3dOMz3ZBA5WGRdxNUK95rlymvTmujSll5V4T4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=2245490425&adk=2513646384&adf=955934993&pi=t.ma~as.2245490425&w=120&lmt=1509914650&url=http%3A%2F%2Fonline.the3rdage.net%2F&flash=0&wgl=1&dt=1619653958059&bpp=24&bdt=133&idt=88&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8265793670272&frm=20&pv=2&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1458&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1397964089763358&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=njY0IfOUrt&p=http%3A//online.the3rdage.net&dtd=108

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 28 Apr 2021 22:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3343
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CF44 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c06a43e1f02cade40f66a2458b5ec7dd99897db2d5483a1fa106652e11e88dd6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b39b55f8696f4865e79b1ba6e61c5d287c670c2697af851e416983a45c990063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48343
x-xss-protection: 0
server: cafe
etag: 3061156273208685884
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 23:52:38 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 30ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5123322dc2e6fa871632d8c88474ab46aab39ccb44ebfca69956c364c8844a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6950
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 69DA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl34tWF8VgR7Hk6LlLXrNG5Ji3dOMz3ZBA5WGRdxNUK95rlymvTmujSll5V4T4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 23:52:38 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 29-Apr-2021 00:52:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Apr 2021 23:52:38 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 23:52:38 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame 539F 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/elements/html/bg_fy2019.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 18:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 19286
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Thu, 28 Apr 2022 18:31:12 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 28 Apr 2021 23:52:38 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=online.the3rdage.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=online.the3rdage.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EBF7 0
16 B 16ms
16ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&adk=1812271804&adf=3025194257&lmt=1509914650&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fonline.the3rdage.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1619653958713&bpp=4&bdt=787&idt=4&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fd29073e922ec90-225005a4f6c70011%3AT%3D1619653958%3ART%3D1619653958%3AS%3DALNI_Mah4cbyLDoOHPALxbaprirTFsBotg&prev_slotnames=2245490425&nras=1&correlator=8265793670272&frm=20&pv=1&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&psts=AGkb-H8keoNMnxbEHloJbt6X4UD9AVximlKef0nag6VOglCkMIjSjqr-FoOA4MdOMWy2QJoO1V7WXHIyOOQ&pvsid=1397964089763358&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=10

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3867839607390295&output=html&adk=1812271804&adf=3025194257&lmt=1509914650&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fonline.the3rdage.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1619653958713&bpp=4&bdt=787&idt=4&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3fd29073e922ec90-225005a4f6c70011%3AT%3D1619653958%3ART%3D1619653958%3AS%3DALNI_Mah4cbyLDoOHPALxbaprirTFsBotg&prev_slotnames=2245490425&nras=1&correlator=8265793670272&frm=20&pv=1&ga_vid=167988659.1619653958&ga_sid=1619653958&ga_hid=1443133843&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&psts=AGkb-H8keoNMnxbEHloJbt6X4UD9AVximlKef0nag6VOglCkMIjSjqr-FoOA4MdOMWy2QJoO1V7WXHIyOOQ&pvsid=1397964089763358&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://online.the3rdage.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl34tWF8VgR7Hk6LlLXrNG5Ji3dOMz3ZBA5WGRdxNUK95rlymvTmujSll5V4T4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://online.the3rdage.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 23:52:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 395C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://online.the3rdage.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://online.the3rdage.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 28 Apr 2021 23:28:37 GMT
expires: Thu, 28 Apr 2022 23:28:37 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1441
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame 395C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 18:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 19286
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Thu, 28 Apr 2022 18:31:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=1397964089763358&bg=!pKelp-PNAAZLnZBaS507ACkAdvg8WnMQWlk6jukuCXF_LJby4tyl1k2MBr4-mdtlCpg2wGeCiE44iwIAAABaUgAAAAxoAQeZAh-nplMzQvz4ly_dLT3Gb34j2Ap_H12B0585VT-SL3JxXdWTGxV4off7WNnha4ebs9OVzO6HqSc2MYzLh_Py12zpt5xBJvWSwpfz8xviRgy7Wr61t3euuznGwRgQyjCF3QUA4CLFsfV6QPeMYeuolJAan_KFBnNaypSyhYUqkUBxW0havokI5eeKBwqiBIHUhR0K_qS53fQwGZHEVXTa22zfG9Vg2U9t1epMd8cJEgfS9nXQDJTBI3PjG3iwIZVS86cCgG9IwqJMzn_KhV5AGULDMHexvXvlXdDy3Gh2VWdHvLdIY0zxsoIwnOfSM6rd1SVT4cyc1z2BzwAzK-d1prYQAeU_rGjb6ny1Do75ZSlbfZfHcX2RGgGPjR_MXSE7y0QSwDdJ5tdvMOq5zken6jjjuVsFG1nZJomo3NEyN5aTsAKj3aIn7ielwxnVXgQfIRzRxM7A21hPNaAUM7p3AaajuDWw5WOb1gUoR-X3VnhnzGJaAfiivdqWZ89gsV95Nl2yIROhU7WgZ0VVdSJt6dJZOkHSk7VxQpLhpgIuwvxoe4mgvh_z2YiQSk1PKuQOn9BH75fEu8n-uH590MPxoUA6gWl_9Xx1g_i1Oztj1aVlf2M1pyOVAPteZMH1D8EdI6sJFbHa2Es1NK_Rgt-xG0OSvrVSZfUNZTpV8BJJhJNTd5qZXlbLL2j_z0GJboE-N6hjHS9qN7VIU9itMRIyD1M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://online.the3rdage.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF44 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrLRDyKLvyDIS3Wjc2ZnrpRPdtyRUbsXanpN7FTIVSufgvgfaAP-FprjWP9OQhG-9nB5FpZMVZEeA6IHB1a1quEdhNmAg5z3NoLCk-e1CTci0MS7JEtPET4DNzvg&sai=AMfl-YRRLz0J-ZK_9JvQtRSOBNtDnqt8u5fF0GOnossv22xEdz-UPQAA-SmbTxoHTrUPOjVcYCKqn_RBk4qf&sig=Cg0ArKJSzMVXJAFrwaXaEAE&id=lidar2&mcvt=1000&p=306,1458,756,1578&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2513646384&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619653958170&dlt=323&rpt=70&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Primary Request / Show response
t3aonline.net/
Redirect Chain

http://t3aonline.net/
https://t3aonline.net/

13 KB
5 KB

113ms
62ms

Document
text/html

185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://t3aonline.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

ripper.icetex-hosting.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3b23b6c59e5c613104a313d2e10ccb02add0e88201815a398b5f6d14d0332f74

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: t3aonline.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://online.the3rdage.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://online.the3rdage.net/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 28 Apr 2021 23:52:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Cookie
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

Redirect headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 28 Apr 2021 23:52:43 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://t3aonline.net/

GET activeview
pagead2.googlesyndication.com/pcs/ Frame CF44 0
0

GET
H/1.1 200
OK normalize.css
t3aonline.net/static/main/css/ 8 KB
8 KB 26ms
25ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/normalize.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1e1c"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7708

GET
H/1.1 200
OK bootstrap.min.css
t3aonline.net/static/main/css/ 107 KB
107 KB 54ms
27ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/bootstrap.min.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 33cf87333f31ef34afa4cd2e2542059953bfd539d305b14cee9bf50bd6e4e2b6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1abed"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109549

GET
H/1.1 200
OK jquery.fancybox.css
t3aonline.net/static/main/css/ 5 KB
5 KB 66ms
22ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/jquery.fancybox.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b6c82e597db8a41a9f1f39774d48c21446f13d0abebebe752c6b40b9e25e115c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-13af"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5039

GET
H/1.1 200
OK style.css
t3aonline.net/static/main/css/ 15 KB
15 KB 80ms
35ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/style.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fe0f677319b466d9ab2663327d932e54ce5766431a153902f69b0bb37e36654c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-3a71"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14961

GET
H/1.1 200
OK bfme1.css
t3aonline.net/static/main/css/ 3 KB
4 KB 67ms
22ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/bfme1.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f44ebddbc891891da98c1fe22881ebb93b699d5b99f2c3ba0a56e9a8c523aa03

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-d4e"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3406

GET
H/1.1 200
OK serverinfo.css
t3aonline.net/static/main/css/ 2 KB
2 KB 68ms
23ms Stylesheet
text/css 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/css/serverinfo.css
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 78043fee064dc84954f0d07fe74e6db27d212a351cbb3ef7f1aa007b962d9131

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-81b"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2075

GET
H2 200 adscript.js Show response
ads.revora.net/static/ 7 KB
3 KB 105ms
8ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revora.net/static/adscript.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 72741acd66724a989274233e8d64bb667389ec0bff47750ecf9099ae5d0c784e

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2016 17:54:41 GMT
server: Apache/2
etag: "1a45-532bcf8163a40-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2424

GET
H/1.1 200
OK logo_t3aonline.png
t3aonline.net/static/main/images/site/ 32 KB
32 KB 33ms
30ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/logo_t3aonline.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 93aa4b714e82fbd1f23513444beff66497114f31333eda57092b18a4032624fa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-7e04"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32260

GET
H/1.1 200
OK fb_logo.png
t3aonline.net/static/main/images/site/ 1 KB
1 KB 24ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/fb_logo.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 494efdd49838663812cd4aa12f6dcf844d8635b979eed56147a21b0fc5469b99

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-4c5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1221

GET
H/1.1 200
OK discord_logo.png
t3aonline.net/static/main/images/site/ 1 KB
1 KB 25ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/discord_logo.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 59115834e1562bff544865d75ab7af3e2d26eb0733f8058f839e1d7099302008

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-469"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1129

GET
H/1.1 200
OK paypal_logo2.png
t3aonline.net/static/main/images/site/ 2 KB
3 KB 22ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/paypal_logo2.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 83ccfff4490319b094df6902a815cdb15c41abbfdcaef2683ac1b0d85d7815ac

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-936"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2358

GET
H/1.1 200
OK frame_tc.png
t3aonline.net/static/main/images/site/bfme1/bg/ 4 KB
5 KB 54ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_tc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2471cf34ff0fcf1018f427e15b20f624dc61c37a98cfebb429f5918f3d0970c5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1193"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4499

GET
H/1.1 200
OK frame_lc.png
t3aonline.net/static/main/images/site/bfme1/bg/ 5 KB
5 KB 24ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_lc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef64649cc13231b80be0fc92ce6d7dd8c9a474cb8c941796549800cd79520a97

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-12e1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4833

GET
H/1.1 200
OK revora_small.png
t3aonline.net/static/main/images/site/ 11 KB
11 KB 26ms
26ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/revora_small.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 15196e5bdae365fbd92fc062324e33a913f9cfdc2e68a8808e1699fa8fea809a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-2bbc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11196

GET
H/1.1 200
OK t3a_small.png
t3aonline.net/static/main/images/site/ 15 KB
15 KB 23ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/t3a_small.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f8f6ea5dbb38c064389db4b0ff61017d22173d2dfcac263a51201ab4e1a568c7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-3c29"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15401

GET
H/1.1 200
OK gr_small.png
t3aonline.net/static/main/images/site/ 9 KB
10 KB 24ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/gr_small.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e21f2c58801101e489ab92416f5ae4a142411b7e9b657b07182aba1cef543f46

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-255b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9563

GET
H/1.1 200
OK bfme2_rotwk.png
t3aonline.net/static/main/images/site/ 161 KB
161 KB 27ms
26ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme2_rotwk.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7d1aa9090770bfe95f96bd03128e1cd659a17f3ceb0155c18e77f2084f58af39

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-2828c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164492

GET
H2 200 btn_donate_SM.gif
www.paypalobjects.com/WEBSCR-640-20110401-1/en_US/i/btn/ 572 B
821 B 105ms
25ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/WEBSCR-640-20110401-1/en_US/i/btn/btn_donate_SM.gif

Requested by

Host: t3aonline.net
URL: https://t3aonline.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

b7d12518cf552856fa8d719c5f2ff4fc32a88fb1a7d924bdf954433290906859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 28 Mar 2021 02:15:30 GMT
server: Akamai Image Manager
etag: "1aIVZifRjPFO0di977fXmATnR22RKif69v+eBiZ7AtU"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 572
expires: Thu, 29 Apr 2021 11:52:44 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/WEBSCR-640-20110401-1/en_US/i/scr/ 42 B
290 B 106ms
26ms Image
image/gif 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/WEBSCR-640-20110401-1/en_US/i/scr/pixel.gif

Requested by

Host: t3aonline.net
URL: https://t3aonline.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 20:37:40 GMT
server: Akamai Image Manager
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-transform, max-age=43200
content-length: 42
expires: Thu, 29 Apr 2021 11:52:44 GMT

GET
H/1.1 200
OK frame_rc.png
t3aonline.net/static/main/images/site/bfme1/bg/ 5 KB
5 KB 26ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_rc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ec1c81d004f3a59fb1360e1a3d31ee5ec8343149f953a4a9ef29a0f754128522

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1255"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4693

GET
H/1.1 200
OK frame_bc.png
t3aonline.net/static/main/images/site/bfme1/bg/ 4 KB
5 KB 24ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_bc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 732f27153a5a21e285b6a5a5037fa7a72e5a4758b37d681965bdf66420a38a14

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1118"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4376

GET
H/1.1 200
OK jquery.min.js Show response
t3aonline.net/static/main/js/ 94 KB
94 KB 24ms
24ms Script
application/javascript 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/js/jquery.min.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 48c3710b29907479d3e9313e2ab9bf5d0f62a1cd378f2376ad9fd20b911ecf2b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1762b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95787

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
t3aonline.net/static/main/js/ 23 KB
23 KB 27ms
27ms Script
application/javascript 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/js/jquery.fancybox.pack.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-5a5f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23135

GET
H/1.1 200
OK serverinfo.js Show response
t3aonline.net/static/main/js/ 8 KB
8 KB 25ms
23ms Script
application/javascript 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://t3aonline.net/static/main/js/serverinfo.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 179de6e08aeff5057b1f82239a8cc1dee448092294f988891702703bb74e1185

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://t3aonline.net/
Connection: keep-alive
Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1f8c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8076

GET
H2 200 bar.js Show response
bar.revora.net/ 2 KB
831 B 27ms
8ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://bar.revora.net/bar.js
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: fc23d6412c7b248fab040a2b6639ff2e8b7fc8fe04ae8dc2595c48bdd0c29910

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2016 23:45:12 GMT
server: Apache/2
etag: "674-532adbfca7200-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 675

GET
H/1.1 200
OK head_bg.png
t3aonline.net/static/main/images/site/bfme1/bg/ 524 KB
524 KB 46ms
29ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/head_bg.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4851979181f534b0e131fda476bc76238f94e271670bbbba7995a48e10d0bc60

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-83085"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 536709

GET
H/1.1 200
OK userbar_bg.png
t3aonline.net/static/main/images/site/bfme1/bg/ 6 KB
6 KB 39ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/userbar_bg.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 884bf116007f250562b57f28d782d80b6130ed7343942aced03a08dd049b15bd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1866"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6246

GET
H/1.1 200
OK bg.png
t3aonline.net/static/main/images/site/bfme1/bg/ 8 KB
8 KB 66ms
25ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/bg.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fa9bf85920aefa3e221aef0d61a71a95b213faf0874ede1f393152f42e7ac7cd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-202e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8238

GET
H/1.1 200
OK frame_tl.png
t3aonline.net/static/main/images/site/bfme1/bg/ 308 B
555 B 42ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_tl.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 66a0577fea988532c0eb95fc61c41ac6eac979e6c9771493fab516f71ab13c11

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-134"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 308

GET
H/1.1 200
OK frame_t.png
t3aonline.net/static/main/images/site/bfme1/bg/ 299 B
546 B 39ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_t.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1b8c66888665edcd9465ce192cf5ba528880a75047fa57950b7843666d0c0e03

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-12b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 299

GET
H/1.1 200
OK frame_tr.png
t3aonline.net/static/main/images/site/bfme1/bg/ 320 B
567 B 40ms
21ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_tr.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2b42b3088b5dcdfef483335a041a4f4a0913443e6fc7dac1716db9655e88d98b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-140"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 320

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 91 KB
32 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.revora.net
URL: https://ads.revora.net/static/adscript.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c14f29c7a023955bb4e94c3742339ce4b4aa3d639d7fc98c4045f3e46076bed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33087
x-xss-protection: 0
server: cafe
etag: 5162291175011496970
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 23:52:44 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ 223 KB
83 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-3867839607390295&plah=t3aonline.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 5298758904806933499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 23:52:44 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/ Frame EFC5 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210426/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://t3aonline.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl34tWF8VgR7Hk6LlLXrNG5Ji3dOMz3ZBA5WGRdxNUK95rlymvTmujSll5V4T4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t3aonline.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Apr 2021 01:17:22 GMT
expires: Wed, 12 May 2021 01:17:22 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 81322
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK frame_l.png
t3aonline.net/static/main/images/site/bfme1/bg/ 192 B
438 B 22ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_l.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 09690aff18722b3ef68e3d67f9d610ff8329373bf467cbb84c08ac20faef3fb8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 192

GET
H/1.1 200
OK frame_r.png
t3aonline.net/static/main/images/site/bfme1/bg/ 312 B
559 B 23ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_r.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cb76b11fbb1f20e04f99fa5ae8555ffd00d9fec465b72b21edea43e1ccb606fd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-138"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 312

GET
H/1.1 200
OK frame_bl.png
t3aonline.net/static/main/images/site/bfme1/bg/ 317 B
564 B 23ms
22ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_bl.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 81dbf3790cf70a135b5d84161bebb8b2d6fb4083e587e91886a4b7b8eb31b76f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-13d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 317

GET
H/1.1 200
OK frame_b.png
t3aonline.net/static/main/images/site/bfme1/bg/ 3 KB
3 KB 23ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_b.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2a589cc012760bf4a51613e143d3f3118f467f870f2e4014996c0c9b01419085

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-b75"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2933

GET
H/1.1 200
OK frame_br.png
t3aonline.net/static/main/images/site/bfme1/bg/ 238 B
484 B 23ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/frame_br.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef401723a5f987ab1255b0ed5b567de6c2ccb39ee9e3b6427e9034d1fc87f71c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-ee"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238

GET
H/1.1 200
OK bottombar_bg.png
t3aonline.net/static/main/images/site/bfme1/bg/ 6 KB
6 KB 24ms
23ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/bottombar_bg.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0c11a09e52ccd3b839163bd07d94213588b23fb9aac7e09717f0dd160b8398b6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-1879"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6265

GET
H/1.1 200
OK ringholder.png
t3aonline.net/static/main/images/site/bfme1/bg/ 19 KB
19 KB 22ms
21ms Image
image/png 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t3aonline.net/static/main/images/site/bfme1/bg/ringholder.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/css/bfme1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a908535933dcc28f0828f9efab43b23991931bcc624ed85cf2bd3ea2a98086e7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: t3aonline.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://t3aonline.net/static/main/css/bfme1.css
Connection: keep-alive
Referer: https://t3aonline.net/static/main/css/bfme1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Last-Modified: Sat, 09 Jan 2021 19:55:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ffa0a48-4ced"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19693

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: t3aonline.net
URL: https://t3aonline.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1369
date: Wed, 28 Apr 2021 23:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 29 Apr 2021 01:29:55 GMT

GET
H/1.1 200
OK / Show response
info.server.cnc-online.net/ 2 KB
1 KB 506ms
25ms Script
text/javascript 185.17.144.132
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://info.server.cnc-online.net/?callback=jQuery111105433924325211243_1619653964289&site=t3aonline&_=1619653964290
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/static/main/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.17.144.132 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: ripper.icetex-hosting.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 21880b4c854ba07449501b01219dbc96284759c8041a56b83e4fc1229bf068b1

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 23:52:44 GMT
Content-Encoding: br
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 887
Content-Type: text/javascript; charset=utf-8

GET
H2 200 bar_system.js Show response
bar.revora.net/ 11 KB
3 KB 10ms
8ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://bar.revora.net/bar_system.js
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/bar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: c4ef859427cb7724627a9c82fcf5323dd28c36bd9b22b89e5c06ffb3dc8c06e0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
etag: "2cb1-4fd3d6305cec0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2600

GET
H2 200 rnb_default.css
bar.revora.net/ 5 KB
2 KB 9ms
7ms Stylesheet
text/css 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://bar.revora.net/rnb_default.css
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/bar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: a7156badf9e06c20cec6608b802cb82633c3bafaf62ba711c0d1c95245113a73

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2016 23:56:31 GMT
server: Apache/2
etag: "14a1-532ade84329c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 1737

GET
H2 200 bar_content.js Show response
bar.revora.net/ 40 KB
7 KB 10ms
9ms Script
application/javascript 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://bar.revora.net/bar_content.js
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/bar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 23d98d3f1c3a43aee9f4023a42127fedae05b2b67118efc3bc251854809bf8c5

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2016 13:56:06 GMT
server: Apache/2
etag: "9fac-5331e380d8980-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 6893

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
215 B 59ms
30ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=t3aonline.net&callback=_gfp_s_&client=ca-pub-3867839607390295

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

182a28e82b69fc368a3cd40cc33aa7930ca44c36ed947458750f50b533519e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=t3aonline.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=t3aonline.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A3D 60 KB
23 KB 482ms
482ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=4264655683&adf=3240750105&pi=t.ma~as.8497838249&w=120&lmt=1619653964&url=https%3A%2F%2Ft3aonline.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619653964215&bpp=48&bdt=151&idt=109&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=79865575646&frm=20&pv=2&ga_vid=1519302360.1619653964&ga_sid=1619653964&ga_hid=506349865&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1468&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2782390440334303&ref=http%3A%2F%2Fonline.the3rdage.net%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gUMYd5zf7Q&p=https%3A//t3aonline.net&dtd=129

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ed020dbf9bf4a4db74cf7a47d50e208f59a900fcdc6b120e308b911d3fbe059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=4264655683&adf=3240750105&pi=t.ma~as.8497838249&w=120&lmt=1619653964&url=https%3A%2F%2Ft3aonline.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619653964215&bpp=48&bdt=151&idt=109&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=79865575646&frm=20&pv=2&ga_vid=1519302360.1619653964&ga_sid=1619653964&ga_hid=506349865&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1468&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2782390440334303&ref=http%3A%2F%2Fonline.the3rdage.net%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gUMYd5zf7Q&p=https%3A//t3aonline.net&dtd=129
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://t3aonline.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl34tWF8VgR7Hk6LlLXrNG5Ji3dOMz3ZBA5WGRdxNUK95rlymvTmujSll5V4T4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t3aonline.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Apr 2021 23:52:44 GMT
server: cafe
content-length: 23888
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188783439141"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Wed, 28 Apr 2021 23:52:44 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=506349865&t=pageview&_s=1&dl=https%3A%2F%2Ft3aonline.net%2F&dr=http%3A%2F%2Fonline.the3rdage.net%2F&ul=en-us&de=UTF-8&dt=T3A%3AOnline%20-%20The%20Return%20of%20BFME%20Multiplayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=765776946&gjid=1439716058&cid=1519302360.1619653964&tid=UA-6027426-1&_gid=2087814144.1619653964&_r=1&_slc=1&z=136509259

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t3aonline.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 section-revora.png
bar.revora.net/images/sections/ 658 B
706 B 9ms
7ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-revora.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 95b0a3950851bcf7b5d45eb07e2d18a0666077ddda9e1bc1d0766a919cc24fc1

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "292-4fd3d6305cec0"
content-length: 658
content-type: image/png

GET
H2 200 section-cnc.png
bar.revora.net/images/sections/ 1 KB
1 KB 9ms
7ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-cnc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 81f153eeb5f4623e923029983e8c8f0ac0f485d52e5ad9569bdcb53b9a375f54

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "492-4fd3d6305cec0"
content-length: 1170
content-type: image/png

GET
H2 200 section-bfme.png
bar.revora.net/images/sections/ 1 KB
1 KB 9ms
7ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-bfme.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: c506e90b46af2b80e36cc23516ac15fb03f00df24cda5357d434734cfa2bbfa0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "4c7-4fd3d6305cec0"
content-length: 1223
content-type: image/png

GET
H2 200 section-petro.png
bar.revora.net/images/sections/ 2 KB
2 KB 9ms
6ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-petro.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 94cd1b15da1857ed1637f3d9ef293650256a57d261d6e642723e6d673dd46886

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "791-4fd3d6305cec0"
content-length: 1937
content-type: image/png

GET
H2 200 section-etc.png
bar.revora.net/images/sections/ 1 KB
1 KB 8ms
6ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-etc.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 1ca7e2aaa6d6eab6748b20605586049a241c0c020ae7e4086d8f41a523f23656

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "4ce-4fd3d6305cec0"
content-length: 1230
content-type: image/png

GET
H2 200 section-donate.png
bar.revora.net/images/sections/ 1 KB
1 KB 9ms
7ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/sections/section-donate.png
Requested by: Host: t3aonline.net
URL: https://t3aonline.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 2eb67b833a99fb00e94d2a831c5f05d594e2332287f31269a6c12c39f17d0336

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "507-4fd3d6305cec0"
content-length: 1287
content-type: image/png

GET
H2 200 barbg.png
bar.revora.net/images/ 3 KB
3 KB 9ms
8ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/barbg.png
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/rnb_default.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: a7eebede294a23e848a816188a5551725984b01ed240617fb7408c3b8eac826d

Request headers

Referer: https://bar.revora.net/rnb_default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "b24-4fd3d6305cec0"
content-length: 2852
content-type: image/png

GET
H2 200 bg-notch.png
bar.revora.net/images/ 3 KB
3 KB 8ms
8ms Image
image/png 2a00:c98:2050:a054:4::
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bar.revora.net/images/bg-notch.png
Requested by: Host: bar.revora.net
URL: https://bar.revora.net/rnb_default.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:c98:2050:a054:4:: , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: Apache/2 /
Resource Hash: 79548dceb70e56b6b956cbb4669e6bfc8e8ae7797152635d48eda12fbf2f289a

Request headers

Referer: https://bar.revora.net/rnb_default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
last-modified: Wed, 02 Jul 2014 22:26:43 GMT
server: Apache/2
accept-ranges: bytes
etag: "b58-4fd3d6305cec0"
content-length: 2904
content-type: image/png

GET
H3-29 200 16929682834802948107
tpc.googlesyndication.com/simgad/ Frame 3A3D 28 KB
28 KB 7ms
7ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16929682834802948107

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=4264655683&adf=3240750105&pi=t.ma~as.8497838249&w=120&lmt=1619653964&url=https%3A%2F%2Ft3aonline.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619653964215&bpp=48&bdt=151&idt=109&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=79865575646&frm=20&pv=2&ga_vid=1519302360.1619653964&ga_sid=1619653964&ga_hid=506349865&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1468&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2782390440334303&ref=http%3A%2F%2Fonline.the3rdage.net%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gUMYd5zf7Q&p=https%3A//t3aonline.net&dtd=129

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2a0d0a0d398d133d79f43103d1025e0ef133fd7c30ccd151d17396adfccff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 15:08:26 GMT
x-content-type-options: nosniff
age: 117858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28669
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 15:13:58 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 15:08:26 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 3A3D 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 23:21:17 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 3A3D 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 23:46:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A3D 116 KB
35 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Wed, 28 Apr 2021 23:52:44 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 3A3D 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 23:41:08 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3A3D 0
0 24ms
22ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxQv2vSjev8xkrkz1RucgX22xz-NkJyfFKbtV2UiYBx_lzvvOtxP4CRdekzm-ucV-DHotfSna3dmgr5Yc5fFS_zo22yA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=4264655683&adf=3240750105&pi=t.ma~as.8497838249&w=120&lmt=1619653964&url=https%3A%2F%2Ft3aonline.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619653964215&bpp=48&bdt=151&idt=109&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=79865575646&frm=20&pv=2&ga_vid=1519302360.1619653964&ga_sid=1619653964&ga_hid=506349865&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1468&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2782390440334303&ref=http%3A%2F%2Fonline.the3rdage.net%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gUMYd5zf7Q&p=https%3A//t3aonline.net&dtd=129
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 3A3D 25 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 14:38:15 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A3D 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3mmETPWJYLGPFoT53gPctrnIAZDU_Lhi3-Txx8EN2tkeEAEg2vPrEGCViriCyAegAbaKr4oDyAEDqQKLZTd0flm0PqgDAcgDyQSqBKwBT9Cn9hJWFsG6Qry1XTpN6LsSQVzwXPWahkPboFDbE0aZQ5rxXDFzhq0cmoF4F7wuZHiOIe4m76oYvH0Gre6feu3negplgVTBTlin5pt_jJxNlKaBta1BaKjny5XkfaKI-qKUHembvnhvbTThD5embgNBfdAxtZbFaHtsgAp_QbhuKU9tuNpvmiJxRUh9_pz5CEjYY07268qkCYnYsYWVd995XZt4RDkjLnkqssAEnp3JxPUCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB7L10HWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQgMAd0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTM4Njc4Mzk2MDczOTAyOTU&sigh=lOL5cLmJYEU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&h=600&slotname=8497838249&adk=4264655683&adf=3240750105&pi=t.ma~as.8497838249&w=120&lmt=1619653964&url=https%3A%2F%2Ft3aonline.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619653964215&bpp=48&bdt=151&idt=109&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=79865575646&frm=20&pv=2&ga_vid=1519302360.1619653964&ga_sid=1619653964&ga_hid=506349865&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1468&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2782390440334303&ref=http%3A%2F%2Fonline.the3rdage.net%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gUMYd5zf7Q&p=https%3A//t3aonline.net&dtd=129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 28 Apr 2021 23:52:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1B4A 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Apr 2021 03:14:09 GMT
expires: Thu, 29 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 74315
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3A3D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acfa88dd1678f8e7ca8c3bbb85f9fc07bbb7c6262d01df92601bc52273c71a12

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1B4A 35 B
465 B 24ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBSUUbMQZGEy92qgfw_JL80&google_cver=1&google_push=AQvitUKVlR1QUo95S5k0SrspQkRxzKjKKxYjLNNWvT3l-gBV1wSstkzYJZlrdeHXOvGDfNzhwKGc7xQ85MUOY17W-jYV5H4RU_RB

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B4A
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULoEWy9BGMzGwXh7k7vBj99HKBExneikDzB7x1...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUluMVRBQUFBS0JZdFJOQA&google_push=AQvitULoEWy9BGMzGwXh7k7vBj99HKBExneikDzB7x1Fe50aLrWCW6d9m5zw-sqFckza5f26ZbND9h5FAfHwx04ognSOvpmgV7iY

170 B
188 B

62ms
34ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUluMVRBQUFBS0JZdFJOQA&google_push=AQvitULoEWy9BGMzGwXh7k7vBj99HKBExneikDzB7x1Fe50aLrWCW6d9m5zw-sqFckza5f26ZbND9h5FAfHwx04ognSOvpmgV7iY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUluMVRBQUFBS0JZdFJOQA&google_push=AQvitULoEWy9BGMzGwXh7k7vBj99HKBExneikDzB7x1Fe50aLrWCW6d9m5zw-sqFckza5f26ZbND9h5FAfHwx04ognSOvpmgV7iY
Date: Wed, 28 Apr 2021 23:52:44 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B4A
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDG0mFlo3fT2arN4Kuvkug4&google_cver=1&google_push=AQvitUJEgTVlmqfKVyI-l3rBlL0IyKSRnX-Bu4Rrea3TcPX9-tYm4kIqq-VBViTmU3Wvo68mkLHHFekFsmfkEazxPEHTofRX9h8a
https://rtb.openx.net/sync/dds?google_gid=CAESEDG0mFlo3fT2arN4Kuvkug4&google_cver=1&google_push=AQvitUJEgTVlmqfKVyI-l3rBlL0IyKSRnX-Bu4Rrea3TcPX9-tYm4kIqq-VBViTmU3Wvo68mkLHHFekFsmfkEazxPEHTofRX9h8a&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJEgTVlmqfKVyI-l3rBlL0IyKSRnX-Bu4Rrea3TcPX9-tYm4kIqq-VBViTmU3Wvo68mkLHHFekFsmfkEazxPEHTofRX9h8a&google_hm=7R0Uxkv6yfI8HMRoQBhNiQ==

170 B
188 B

62ms
33ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJEgTVlmqfKVyI-l3rBlL0IyKSRnX-Bu4Rrea3TcPX9-tYm4kIqq-VBViTmU3Wvo68mkLHHFekFsmfkEazxPEHTofRX9h8a&google_hm=7R0Uxkv6yfI8HMRoQBhNiQ==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:44 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJEgTVlmqfKVyI-l3rBlL0IyKSRnX-Bu4Rrea3TcPX9-tYm4kIqq-VBViTmU3Wvo68mkLHHFekFsmfkEazxPEHTofRX9h8a&google_hm=7R0Uxkv6yfI8HMRoQBhNiQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: bh74b0tsn5ubpno7vj0e0n069qiidj5u

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B4A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZY_H5jnISsKF09KsCi6L7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

40ms
34ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZY_H5jnISsKF09KsCi6L7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULOqghkJjrAqctbF4GToAJNe4dRG8mjcXwHOIPFW1Hs_DmVuX5PmB_4vmoyw92dexzIkfhAkgjCtKSlsEfy6den1hl8vzjH

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZY_H5jnISsKF09KsCi6L7Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULOqghkJjrAqctbF4GToAJNe4dRG8mjcXwHOIPFW1Hs_DmVuX5PmB_4vmoyw92dexzIkfhAkgjCtKSlsEfy6den1hl8vzjH
Date: Wed, 28 Apr 2021 23:52:43 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B4A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEr93zzyyZkqi8jSAXQiwsc&google_cver=1&google_push=AQvitUJSkIFR_Nb-LMUxmECMqd6_NOqRNt4wJqPkFE_9fIgTEQqHZutZxGs8Xnm4xt-q7KevnYz...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08yNDVITzMtNC03STdD&google_push=AQvitUJSkIFR_Nb-LMUxmECMqd6_NOqRNt4wJqPkFE_9fIgTEQqHZutZxGs8Xnm4xt-q7KevnYznQ0LYFJbx2lr2p-bK88Mh5foo

170 B
188 B

61ms
31ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08yNDVITzMtNC03STdD&google_push=AQvitUJSkIFR_Nb-LMUxmECMqd6_NOqRNt4wJqPkFE_9fIgTEQqHZutZxGs8Xnm4xt-q7KevnYznQ0LYFJbx2lr2p-bK88Mh5foo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08yNDVITzMtNC03STdD&google_push=AQvitUJSkIFR_Nb-LMUxmECMqd6_NOqRNt4wJqPkFE_9fIgTEQqHZutZxGs8Xnm4xt-q7KevnYznQ0LYFJbx2lr2p-bK88Mh5foo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B4A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3bqy7ulLgA1LU1ymCdfa4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI3bqy7ulLgA1LU1ymCdfa4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIn1TKE6r44iu1KRdGAUQAAABGkAAAAB&google_push=AQvitULTjzPRwRKYrjzaTezaJ7ZWuEou3WkkbSQMzTcBwqO_N63LKvAIFYdS4bkMvWYx9ZKKm3Awu7ZGXGJuM4zi0q...

170 B
188 B

56ms
32ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIn1TKE6r44iu1KRdGAUQAAABGkAAAAB&google_push=AQvitULTjzPRwRKYrjzaTezaJ7ZWuEou3WkkbSQMzTcBwqO_N63LKvAIFYdS4bkMvWYx9ZKKm3Awu7ZGXGJuM4zi0qAKAUrLpAw&google_cver=1&google_gid=CAESEI3bqy7ulLgA1LU1ymCdfa4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 23:52:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIn1TKE6r44iu1KRdGAUQAAABGkAAAAB&google_push=AQvitULTjzPRwRKYrjzaTezaJ7ZWuEou3WkkbSQMzTcBwqO_N63LKvAIFYdS4bkMvWYx9ZKKm3Awu7ZGXGJuM4zi0qAKAUrLpAw&google_cver=1&google_gid=CAESEI3bqy7ulLgA1LU1ymCdfa4
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Wed, 28 Apr 2021 23:52:45 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B4A
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOPIoqUeRUkDj_jrOBVS18A&google_cver=1&google_push=AQvitUJNMETm3GGpAUpxy5Fn...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJNMETm3GGpAUpxy5Fnl8SJARF_j1FsUzBiboBmjrpOxA6ql0W__TihgGpuy9ki4_RAhy__S1bFVi_jE6XUH4SPqAw8kcxc&google_hm=

170 B
188 B

31ms
31ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJNMETm3GGpAUpxy5Fnl8SJARF_j1FsUzBiboBmjrpOxA6ql0W__TihgGpuy9ki4_RAhy__S1bFVi_jE6XUH4SPqAw8kcxc&google_hm=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:45 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJNMETm3GGpAUpxy5Fnl8SJARF_j1FsUzBiboBmjrpOxA6ql0W__TihgGpuy9ki4_RAhy__S1bFVi_jE6XUH4SPqAw8kcxc&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Tue, 27 Apr 2021 23:52:45 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1B4A 0
236 B 84ms
29ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jm1__mR0sRV0XQDBlGrWFUj-E6mgwk-vTxT8TnsJ0YxoWvNkaPW1FrWE0c-RS5zv6NyJWQ7Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b39b55f8696f4865e79b1ba6e61c5d287c670c2697af851e416983a45c990063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48343
x-xss-protection: 0
server: cafe
etag: 3061156273208685884
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 23:52:44 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c610a028438b36145c906624585544dd88d0bc2a905fb8b79e7381e1ac8273e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6969
x-xss-protection: 0

GET
H3-29 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame CE42 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 18:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 19292
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Thu, 28 Apr 2022 18:31:12 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 28 Apr 2021 23:52:44 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=t3aonline.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=t3aonline.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 23:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0E9 0
16 B 16ms
16ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867839607390295&output=html&adk=1812271804&adf=3025194257&lmt=1619653964&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ft3aonline.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619653964989&bpp=1&bdt=925&idt=2&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddc354a5da123cda9-2206a617f4c70040%3AT%3D1619653964%3ART%3D1619653964%3AS%3DALNI_Mbt7yyZp2a_CSnxzb2wNdnAET-Xuw&prev_slotnames=8497838249&nras=1&correlator=79865575646&frm=20&pv=1&ga_vid=1519302360.1619653964&ga_sid=1619653964&ga_hid=506349865&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&psts=AGkb-H9SEqOKbJZjzDFzr3kVXeVAx0i9mB51l1KkzSqP7VOSn40X26cXs6wIdtVjRMqq_tyfTbrsu7OTfLU&pvsid=2782390440334303&ref=http%3A%2F%2Fonline.the3rdage.net%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=11

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3867839607390295&output=html&adk=1812271804&adf=3025194257&lmt=1619653964&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ft3aonline.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619653964989&bpp=1&bdt=925&idt=2&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddc354a5da123cda9-2206a617f4c70040%3AT%3D1619653964%3ART%3D1619653964%3AS%3DALNI_Mbt7yyZp2a_CSnxzb2wNdnAET-Xuw&prev_slotnames=8497838249&nras=1&correlator=79865575646&frm=20&pv=1&ga_vid=1519302360.1619653964&ga_sid=1619653964&ga_hid=506349865&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&psts=AGkb-H9SEqOKbJZjzDFzr3kVXeVAx0i9mB51l1KkzSqP7VOSn40X26cXs6wIdtVjRMqq_tyfTbrsu7OTfLU&pvsid=2782390440334303&ref=http%3A%2F%2Fonline.the3rdage.net%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://t3aonline.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl34tWF8VgR7Hk6LlLXrNG5Ji3dOMz3ZBA5WGRdxNUK95rlymvTmujSll5V4T4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t3aonline.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 23:52:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E268 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://t3aonline.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t3aonline.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 28 Apr 2021 23:28:37 GMT
expires: Thu, 28 Apr 2022 23:28:37 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1448
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame E268 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 18:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 19293
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Thu, 28 Apr 2022 18:31:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=2782390440334303&bg=!ISKlImbNAAZLnZBaS507ACkAdvg8Wmk0spjufMADhl9FV6a6qa8JyDDUVtiVgjkV4xp5oqAhQhtVLgIAAABMUgAAAAloAQcKAQvViD83MKW23DhWWKeI5suU8S5_Q-Jx3uLLxnr2bGER4j80lKPYp5OEq2S8GnZIERT7N0EzP92rdL8NxeCiH7H3oLVB3eQtrGvIGtmXtbPbARURxo24O_qsBIqWVIyXiZrYWUqpB0MS5T-c7q0zSm49d9jQfypqoqvXHGbtbLpNGqD6AYM4ri6nCEIYNBpzgk_l9NpyZYpjwakGCCtDXSIpjJqZpTlKAwRPfqlaBL-v8UgKGPJz4zVV7Sz9Yn491Al8X7Q116X47s3NSkNM-mn1AjMwFhZ-gKzAtpZxGN78I7wYkgtEKXfgMFclxnFR3up0v7uWeDlwmcuiQpbgqY6HY1ZkEENWagyBQN2ZAhNokRK1bQexJ_D6Yv6aPzUQZXZbU2qRSU-TC1bcX29rb0jGig0slgraM8EHclXRzU_Mfwg1FiIDUICGiBqJuMOywIB6VnlIkzGqT_X8Nobs9l0uNutAMk0_AOBw7CZ6gh5Y7abOkrashFUHQ7EBRwC-FRvYtUUcDCNqvFmQSjzmsK_Nn9SLurPBeWtn3F5vTvIABJLkLt_NDC7ztlhYPlZLl8PvjPt0AWbFrLfUiuUOCWvcHxmy27s1ns4VKdpX4gbzzS-yKIYsw7dAHYcLZC79iUzxKx_btK3WHxvUGfaE8EFOGL3Qo-l23aDDgLUFQwpI-7gq-XNHBG5A7PLtGyjDQ9cvGckW_pnbE3X83926PotMxup87yUkEEdMuyHSgQqK5RIpMn0H8_CuM0N9rfWxJ2wvcVF8l5k_oFG16JXtdh33hGL_Bg-jH8Vu89QYiB77_stQlfKI4JLe1RqHctfQBIWFaAFgUfNJSCVAJjsqs8ZdvWhwVsjBJvzkCtXHkd2wJrvPZDVtiYlCrSW-Ttk9Ci1XQa37IG74eyf3vcTCNHyrn92n49N6JOx69YytUC5yFKznV_shKz6hsdtOJ2kRHMLeTfkaNwUJfl_TW3EzM9uE24MoLqZcL5-ZaMZ2o_2MmKzoPOZxKdJqKFsKbfe1moc1MlQRDjGM0IKSqCArwBHJfxfo3KNWT-0zDM3Xr7ebVd8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t3aonline.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3A3D 42 B
64 B 21ms
21ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-rN8N5yTxivmn-Slb0FPoxg_RBueRwqaS1-PqsZBtlgzNeDSMWANDnWHfbrXPKEN4EFthesXhWhrJXoJjsatwx9Z5f645Mjz_8MS-pkkyxhn5cljB5uzvPHEIk0LU3NhjKaVnCECTBZuY5WdQ_U-MXA&sai=AMfl-YRYDmJVtzPO9J0T05arUPl4RWcwxchM964w0FZxo1nMzOIlA-iX7TTKwheSvi15-WphYII77B5UkJvIh5im2kuXI3Z11Ep-bG8&sig=Cg0ArKJSzDH8rWOpc6A4EAE&cid=CAASF-RoW-wB8ffh_0cq4E_hJKJSg-BLutX-&id=lidar2&mcvt=1000&p=338,1468,938,1588&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4264655683&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619653964348&dlt=483&rpt=47&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 23:52:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrLRDyKLvyDIS3Wjc2ZnrpRPdtyRUbsXanpN7FTIVSufgvgfaAP-FprjWP9OQhG-9nB5FpZMVZEeA6IHB1a1quEdhNmAg5z3NoLCk-e1CTci0MS7JEtPET4DNzvg&sai=AMfl-YRRLz0J-ZK_9JvQtRSOBNtDnqt8u5fF0GOnossv22xEdz-UPQAA-SmbTxoHTrUPOjVcYCKqn_RBk4qf&sig=Cg0ArKJSzMVXJAFrwaXaEAE&id=lidartos&mcvt=5464&p=306,1458,756,1578&mtos=5464,5464,5464,5464,5464&tos=5464,0,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2513646384&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619653958170&dlt=323&rpt=70&isd=0&msd=0&r=u&fum=1

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:54:17	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 03:15:49	Name: IDE Value: AHWqTUl34tWF8VgR7Hk6LlLXrNG5Ji3dOMz3ZBA5WGRdxNUK95rlymvTmujSll5V4T4
.t3aonline.net/	1970-01-20 11:25:25	Name: _ga Value: GA1.2.1519302360.1619653964
.t3aonline.net/	1970-01-20 03:15:49	Name: __gads Value: ID=dc354a5da123cda9-2206a617f4c70040:T=1619653964:RT=1619653964:S=ALNI_Mbt7yyZp2a_CSnxzb2wNdnAET-Xuw
.t3aonline.net/	1970-01-19 17:55:40	Name: _gid Value: GA1.2.2087814144.1619653964
.t3aonline.net/	1970-01-19 17:54:14	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.revora.net
adservice.google.com
adservice.google.de
bar.revora.net
cm.g.doubleclick.net
cms.quantserve.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
info.server.cnc-online.net
online.the3rdage.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
t3aonline.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.paypalobjects.com
pagead2.googlesyndication.com
104.111.228.123
142.250.185.98
172.217.23.98
185.17.144.132
185.64.190.78
2.18.234.21
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:c98:2050:a054:4::
34.246.227.69
35.186.253.211
69.173.144.139
79.137.68.187
09690aff18722b3ef68e3d67f9d610ff8329373bf467cbb84c08ac20faef3fb8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc6c04193084c292185fbc6e8482e797e9e378f61bc228a8ca52e19a9d9a9ba
0c11a09e52ccd3b839163bd07d94213588b23fb9aac7e09717f0dd160b8398b6
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15196e5bdae365fbd92fc062324e33a913f9cfdc2e68a8808e1699fa8fea809a
179de6e08aeff5057b1f82239a8cc1dee448092294f988891702703bb74e1185
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182a28e82b69fc368a3cd40cc33aa7930ca44c36ed947458750f50b533519e11
1b8c66888665edcd9465ce192cf5ba528880a75047fa57950b7843666d0c0e03
1ca7e2aaa6d6eab6748b20605586049a241c0c020ae7e4086d8f41a523f23656
21880b4c854ba07449501b01219dbc96284759c8041a56b83e4fc1229bf068b1
23d98d3f1c3a43aee9f4023a42127fedae05b2b67118efc3bc251854809bf8c5
2471cf34ff0fcf1018f427e15b20f624dc61c37a98cfebb429f5918f3d0970c5
2854680526ddb8f83d2fc8ad6e6373ccef0c27d191d0848ed800e2a44f66564a
2a589cc012760bf4a51613e143d3f3118f467f870f2e4014996c0c9b01419085
2b42b3088b5dcdfef483335a041a4f4a0913443e6fc7dac1716db9655e88d98b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2eb67b833a99fb00e94d2a831c5f05d594e2332287f31269a6c12c39f17d0336
2ed020dbf9bf4a4db74cf7a47d50e208f59a900fcdc6b120e308b911d3fbe059
3064051b55452898041bd544760775c16f1745bdf57f68f7178e85ba5d251803
33cf87333f31ef34afa4cd2e2542059953bfd539d305b14cee9bf50bd6e4e2b6
3b23b6c59e5c613104a313d2e10ccb02add0e88201815a398b5f6d14d0332f74
3f2a0d0a0d398d133d79f43103d1025e0ef133fd7c30ccd151d17396adfccff7
4127736fe523600d9c8cd4c1266c5c51798f15a373e97755c2c834fd6088e36a
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
4851979181f534b0e131fda476bc76238f94e271670bbbba7995a48e10d0bc60
48c3710b29907479d3e9313e2ab9bf5d0f62a1cd378f2376ad9fd20b911ecf2b
494efdd49838663812cd4aa12f6dcf844d8635b979eed56147a21b0fc5469b99
5123322dc2e6fa871632d8c88474ab46aab39ccb44ebfca69956c364c8844a42
59115834e1562bff544865d75ab7af3e2d26eb0733f8058f839e1d7099302008
5c05a5e42180315f444931e81251f96ea09d36c4ec2408658e52444bf86f9079
66a0577fea988532c0eb95fc61c41ac6eac979e6c9771493fab516f71ab13c11
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
72741acd66724a989274233e8d64bb667389ec0bff47750ecf9099ae5d0c784e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
732f27153a5a21e285b6a5a5037fa7a72e5a4758b37d681965bdf66420a38a14
78043fee064dc84954f0d07fe74e6db27d212a351cbb3ef7f1aa007b962d9131
79548dceb70e56b6b956cbb4669e6bfc8e8ae7797152635d48eda12fbf2f289a
7c14f29c7a023955bb4e94c3742339ce4b4aa3d639d7fc98c4045f3e46076bed
7d1aa9090770bfe95f96bd03128e1cd659a17f3ceb0155c18e77f2084f58af39
81dbf3790cf70a135b5d84161bebb8b2d6fb4083e587e91886a4b7b8eb31b76f
81f153eeb5f4623e923029983e8c8f0ac0f485d52e5ad9569bdcb53b9a375f54
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ccfff4490319b094df6902a815cdb15c41abbfdcaef2683ac1b0d85d7815ac
884bf116007f250562b57f28d782d80b6130ed7343942aced03a08dd049b15bd
903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01
93aa4b714e82fbd1f23513444beff66497114f31333eda57092b18a4032624fa
94cd1b15da1857ed1637f3d9ef293650256a57d261d6e642723e6d673dd46886
95b0a3950851bcf7b5d45eb07e2d18a0666077ddda9e1bc1d0766a919cc24fc1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a7156badf9e06c20cec6608b802cb82633c3bafaf62ba711c0d1c95245113a73
a7eebede294a23e848a816188a5551725984b01ed240617fb7408c3b8eac826d
a908535933dcc28f0828f9efab43b23991931bcc624ed85cf2bd3ea2a98086e7
acfa88dd1678f8e7ca8c3bbb85f9fc07bbb7c6262d01df92601bc52273c71a12
b39b55f8696f4865e79b1ba6e61c5d287c670c2697af851e416983a45c990063
b6c82e597db8a41a9f1f39774d48c21446f13d0abebebe752c6b40b9e25e115c
b7d12518cf552856fa8d719c5f2ff4fc32a88fb1a7d924bdf954433290906859
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
c06a43e1f02cade40f66a2458b5ec7dd99897db2d5483a1fa106652e11e88dd6
c4ef859427cb7724627a9c82fcf5323dd28c36bd9b22b89e5c06ffb3dc8c06e0
c506e90b46af2b80e36cc23516ac15fb03f00df24cda5357d434734cfa2bbfa0
c610a028438b36145c906624585544dd88d0bc2a905fb8b79e7381e1ac8273e9
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cb76b11fbb1f20e04f99fa5ae8555ffd00d9fec465b72b21edea43e1ccb606fd
d40be97635358c67c894ac7ae28aca38629260c97c097823c4105b6a5742f540
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
e21f2c58801101e489ab92416f5ae4a142411b7e9b657b07182aba1cef543f46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
ec1c81d004f3a59fb1360e1a3d31ee5ec8343149f953a4a9ef29a0f754128522
ed19bf4f63123be89ef2e9d7469f158359da2c3d89ccdfea44ce0b2f3175757e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef401723a5f987ab1255b0ed5b567de6c2ccb39ee9e3b6427e9034d1fc87f71c
ef64649cc13231b80be0fc92ce6d7dd8c9a474cb8c941796549800cd79520a97
ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308
f36c969375f6fe75aa1dacfbb4824eae8bbf87023d9b01d28f7e24f396db446b
f38ffa971c63258acc757d2f96de3a613435032dc95723c7c038eedb18c808a9
f44ebddbc891891da98c1fe22881ebb93b699d5b99f2c3ba0a56e9a8c523aa03
f8f6ea5dbb38c064389db4b0ff61017d22173d2dfcac263a51201ab4e1a568c7
fa9bf85920aefa3e221aef0d61a71a95b213faf0874ede1f393152f42e7ac7cd
fc23d6412c7b248fab040a2b6639ff2e8b7fc8fe04ae8dc2595c48bdd0c29910
fe0f677319b466d9ab2663327d932e54ce5766431a153902f69b0bb37e36654c
fefb83f6264d1e1d776051304a57aab90305397dda8e4b517eee088e2ae9c459

t3aonline.net Open in urlscan Pro 185.17.144.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

76 %HTTPS

50 %IPv6

19 Domains

23 Subdomains

14 IPs

5 Countries

2447 kBTransfer

3642 kBSize

6 Cookies

11 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

t3aonline.net Open in urlscan Pro
185.17.144.132 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

76 %
HTTPS

50 %
IPv6

19
Domains

23
Subdomains

14
IPs

5
Countries

2447 kB
Transfer

3642 kB
Size

6
Cookies

156 HTTP transactions
2 data transactions