www.ctfiot.com Open in urlscan Pro
43.254.217.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.ctfiot.com/71118.html
Submission: On January 05 via manual (January 5th 2023, 2:47:20 pm UTC) from US — Scanned from DE

Summary HTTP 99 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 28 domains to perform 99 HTTP transactions. The main IP is 43.254.217.178, located in Hong Kong and belongs to CLOUDIE-AS-AP Cloudie Limited, HK. The main domain is www.ctfiot.com.

This is the only time www.ctfiot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	43.254.217.178 43.254.217.178	55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited)
5	163.181.56.174 163.181.56.174	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
11	59.110.190.229 59.110.190.229	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:8d18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 2	212.64.63.190 212.64.63.190	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 7	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4 4	52.28.37.158 52.28.37.158	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:9000:211... 2600:9000:211e:3600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.250.180.198 142.250.180.198	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
1	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
1 1	95.100.75.47 95.100.75.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	163.181.56.157 163.181.56.157	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	47.246.167.30 47.246.167.30	() ()
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
99	28

20 43.254.217.178 (Hong Kong)

ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK)

www.ctfiot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 163.181.56.174 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 59.110.190.229 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

ctfiot.oss-cn-beijing.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:8d18 (United States)

ASN13335 (CLOUDFLARENET, US)

sdn.geekzu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.64.63.190 (China) 1 redirects

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

iowen.gitee.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.37.158 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-37-158.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.128.226 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.75.47 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-47.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 163.181.56.157 (Frankfurt am Main, Germany) 1 redirects

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

widget.qweather.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.167.30 (None, )

ASN- ()

webapi.amap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	ctfiot.com www.ctfiot.com	350 KB
18	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321 ad.doubleclick.net — Cisco Umbrella Rank: 214	24 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	214 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28784 ad4m.at — Cisco Umbrella Rank: 9270 assets.ad4m.at — Cisco Umbrella Rank: 40645	378 KB
11	aliyuncs.com ctfiot.oss-cn-beijing.aliyuncs.com	342 KB
5	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 41717	186 KB
4	qweather.net 1 redirects widget.qweather.net — Cisco Umbrella Rank: 673802	64 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	2 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 76620	638 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 78840	441 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1585	460 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1147 r.turn.com — Cisco Umbrella Rank: 4328	869 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98393 static-de.ad4mat.net — Cisco Umbrella Rank: 155945	4 KB
2	gitee.io 1 redirects iowen.gitee.io	297 B
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 6569	12 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	2 KB
2	geekzu.org sdn.geekzu.org — Cisco Umbrella Rank: 745033	4 KB
1	amap.com webapi.amap.com
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 64350	640 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16669	694 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 124721	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 91895	1 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085	45 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 914	443 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 452	464 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	48 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5450	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	694 B
99	28

	Domain	Requested by
20	www.ctfiot.com	www.ctfiot.com
11	ctfiot.oss-cn-beijing.aliyuncs.com	www.ctfiot.com
10	pagead2.googlesyndication.com	www.ctfiot.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.ctfiot.com
6	assets.ad4m.at	as.ad4m.at
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	cdn.staticfile.org	www.ctfiot.com cdn.staticfile.org
4	widget.qweather.net	1 redirects widget.qweather.net
4	ad.doubleclick.net	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	x.bidswitch.net	4 redirects
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	sync.teads.tv	1 redirects www.ctfiot.com
2	iowen.gitee.io	1 redirects www.ctfiot.com
2	hm.baidu.com	www.ctfiot.com
2	sdn.geekzu.org	www.ctfiot.com
1	www.google.com	tpc.googlesyndication.com
1	webapi.amap.com	widget.qweather.net
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	s.ad.smaato.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	www.ctfiot.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
99	36

This site contains links to these domains. Also see Links.

Domain
www.chamd5.org
ctfiot.oss-cn-beijing.aliyuncs.com

Subject Issuer	Validity	Valid
*.oss-cn-beijing.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-18` - `2023-03-25`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
qweather.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-17` - `2023-11-17`	a year	crt.sh
*.alibabacorp.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-04-07` - `2023-05-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://www.ctfiot.com/71118.html
Frame ID: E37A237773C6EF1547A1F023E5CA14A1
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: 6DB4E1FD06B9C37582AFA8E42A537719
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&adk=1812271804&adf=3025194257&lmt=1672930034&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&plas=188x810_r&format=0x0&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&ea=0&pra=5&wgl=1&dt=1672930033960&bpp=5&bdt=997&idt=248&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7452244671938&frm=20&pv=2&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=274
Frame ID: 8735FC23F03683A6B5FAB28014319B4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=187&slotname=1613153004&adk=3108791033&adf=2685228617&pi=t.ma~as.1613153004&w=745&fwrn=4&lmt=1672930034&rafmt=11&format=745x187&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&wgl=1&dt=1672930033965&bpp=2&bdt=1001&idt=276&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=O8EV1FeIi3&p=http%3A//www.ctfiot.com&dtd=281
Frame ID: 4D19CF16CF7FF9604EC98A53803BED98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1672930034&rafmt=9&format=745x447&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&crui=image_stacked&fwr=0&wgl=1&dt=1672930033967&bpp=1&bdt=1004&idt=281&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9lbo244SJK&p=http%3A//www.ctfiot.com&dtd=285
Frame ID: 7FE895DAAAB93DA131C864E248173055
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=440214258&adf=2235027668&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1672930034&rafmt=1&format=310x250&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1672930033968&bpp=1&bdt=1005&idt=286&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=axPLPhC5Kt&p=http%3A//www.ctfiot.com&dtd=288
Frame ID: 2F66E98FEB87CE3520C0194C1123EA8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=440214258&adf=2235027668&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1672930034&rafmt=1&format=310x250&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1672930033968&bpp=1&bdt=1005&idt=286&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=axPLPhC5Kt&p=http%3A//www.ctfiot.com&dtd=288
Frame ID: 4BD861CAFEB8ACF6670E333BF4055046
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CJNdf8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE3gFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZHRBict7jgGqGI2quxlIigkYUGZN1xIsRhGuj0zW6s-TqksbWGo-ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTczODcyNTcwMzIzMjYyNhgA&sigh=_gYGSJ0NJes&uach_m=[UACH]&cid=CAQSKQDq26N927L7DTWaFVtymQxBGzSsRnap-msmlKg2JbikCTmE1rIAn1skGAEgEw
Frame ID: D66AB40924570BD34389DECA50AB0A88
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jqpqrrq4e81330se65zw69yfvqg72h8vhmnpt43be0wr6hhczczb3q1nvp6057c603sc2zybpqypajy35yk1p24qz9tkgfb07vmdamy7ehmftbd0qjsyzq6fd4mp5wg15pgsf0gkps437kmfy7b0pb5f8nk8hcbhg505zbcp51th6sf93peb3j8phz28af6verwwm9hfc09bvkdvcwcagmkab20r6j8nme8ba45jtrw9z9fyxr1b13qemgjyg1wfegzafq1ns1k6vchs652q5epn380fece01zeng6vy8rwbjhjbwgwyh983rep2j4nef43nk98zjdnv0ebacz8hw746y0p197h7v0ncxn17k9ak8g4zg941rw0e15mnyjtryta7v3f434zgkah2jm7gzgr2rmqwrr2xf5dbm858ssmjjnpa5kkm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%26client%3Dca-pub-5738725703232626%26adurl%3D
Frame ID: 1010AAEAB725B70519059BB6373C58E1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CE2EECF02D7D7F865CE7089A19DA89AD
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 590B966176A9965BA45AF9E842315771
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Frame ID: C74A9C5642E7344E33EB9CD2F11E207E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 16C31A1532F13EAA1F609EA5585B5341
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D86B76FFC84D8D0B1FA2428058B8886
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

webshell绕过案例 | CTF导航

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

99
Requests

62 %
HTTPS

48 %
IPv6

28
Domains

36
Subdomains

28
IPs

8
Countries

1631 kB
Transfer

3323 kB
Size

23
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.chamd5.org/
Title: ChaMd5

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/11/3-1667780459.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/11/7-1667780460.png

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

http://iowen.gitee.io/ioimg/banner/wHoOcfQGhqvlUkd.jpg HTTP 301
https://iowen.gitee.io/ioimg/banner/wHoOcfQGhqvlUkd.jpg

Request Chain 59

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJlUuHsvu_xs1e59yAwVD00&google_cver=1&google_push=AavPq0OdAZOCR2nj_YIYoj__esg2ZY72WPKq2x9Rnm94BgJAy0TEV085IMNTIyrwecBYLb9z6PuZhB4niIRCsOuOMwjSM4hfIvmJBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg3ODUyNTcyOTE2MjgwNDE5OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJlUuHsvu_xs1e59yAwVD00&google_cver=1

Request Chain 60

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELuUWzSzFkSwx1KPBdf9eDw&google_cver=1&google_push=AavPq0MgiOOh7lpozwWyTf0uW627x0v14BIC1RjmkzJUkVLvs7CWWByRfY2EoS4iIQN3RMwE9AcNo68T5NNHsjJXgdOUhyUWvcPegNY HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELuUWzSzFkSwx1KPBdf9eDw&google_cver=1&google_push=AavPq0MgiOOh7lpozwWyTf0uW627x0v14BIC1RjmkzJUkVLvs7CWWByRfY2EoS4iIQN3RMwE9AcNo68T5NNHsjJXgdOUhyUWvcPegNY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MgiOOh7lpozwWyTf0uW627x0v14BIC1RjmkzJUkVLvs7CWWByRfY2EoS4iIQN3RMwE9AcNo68T5NNHsjJXgdOUhyUWvcPegNY&google_hm=SdHyFbCSRfGxb63v_0MpgA==

Request Chain 61

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO4AGFGKvlKfzI5kC7Ie27I&google_cver=1&google_push=AavPq0PMhU4Jn_hOzO-4FgcgG6jVtZIsOHOO0Ck_LUeXpdKzxNaoufFI11GcdSZGv8vHXcc1nM0BkV1DMmIagHz3mQSyGAgDUQ4wSyE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENKN0NLWlctMUYtSDk3UQ==&google_push=AavPq0PMhU4Jn_hOzO-4FgcgG6jVtZIsOHOO0Ck_LUeXpdKzxNaoufFI11GcdSZGv8vHXcc1nM0BkV1DMmIagHz3mQSyGAgDUQ4wSyE

Request Chain 62

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAl9o8p5fJ1sBNcYbdd_tBM&google_cver=1&google_push=AavPq0MjkePewrc3VUglB452foR7UIPnRBR9RrFlFIH8kZaFIX0dc1lddCCPVb4bTd5GqaF-Nugu7kYg-l5kgirgeFn3ugIYL_uggSc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MjkePewrc3VUglB452foR7UIPnRBR9RrFlFIH8kZaFIX0dc1lddCCPVb4bTd5GqaF-Nugu7kYg-l5kgirgeFn3ugIYL_uggSc

Request Chain 64

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJKG-RGArtyvrEcSGoNnKS4&google_cver=1&google_push=AavPq0MmGuhtwPI8omIoLFJ7-3uv3O2TINpTXVW0FcmVdy4yA8sngky8OXGTR7cuRH146jjqOyMwA6G3QwCZrjY2mIohNXrd4hKaylg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0MmGuhtwPI8omIoLFJ7-3uv3O2TINpTXVW0FcmVdy4yA8sngky8OXGTR7cuRH146jjqOyMwA6G3QwCZrjY2mIohNXrd4hKaylg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 65

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGO1a_AggOhUb9GejsC1Mvo&google_cver=1&google_push=AavPq0MwhYnfvssNYMjKaQLZNA-KEJqxHT8NB3trADzWzXPM22Bs1mEf-p65ypeN-rd7JUYd_eTJKWyBfzu1Pqm8b3uq1H0qzAcH361R HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGO1a_AggOhUb9GejsC1Mvo&google_cver=1&google_push=AavPq0MwhYnfvssNYMjKaQLZNA-KEJqxHT8NB3trADzWzXPM22Bs1mEf-p65ypeN-rd7JUYd_eTJKWyBfzu1Pqm8b3uq1H0qzAcH361R HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=49d1f215-b092-45f1-b16f-adefff432980&%%GOOGLE_PUSH_PAIR%%

Request Chain 78

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKnZsYTWsPwCFUrluwgd1egJWQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023010515471680141686369X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023010515471680141686369X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 81

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CN_gsYTWsPwCFd2XdwodYEUPTA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023010515471680141686367X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0

Request Chain 84

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1672930036_d8fa1931-8d07-11ed-bf55-2237d548a262&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 87

http://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0 HTTP 301
https://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0

99 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 71118.html Show response
www.ctfiot.com/ 70 KB
14 KB 1716ms
1069ms Document
text/html 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5db48e6c2ef04b4456da13fcdb7e973d2103962ece5e6249339a0b56557f0b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Jan 2023 14:47:12 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Pingback: http://www.ctfiot.com/xmlrpc.php

GET
H/1.1 200
OK classic-themes.min.css
www.ctfiot.com/wp-includes/css/ 217 B
561 B 197ms
196ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 04 Nov 2022 02:54:37 GMT
Server: nginx
ETag: "63647eed-d9"
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 217
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK iconfont.css
www.ctfiot.com/wp-content/themes/onenav/css/ 6 KB
2 KB 397ms
198ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/css/iconfont.css?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5d84a57ce0022d737a58075ef1c11bb5d7c0e44f295322af3a2ab44624fa777a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-18ce"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK all.min.css
cdn.staticfile.org/font-awesome/5.15.4/css/ 58 KB
14 KB 271ms
10ms Stylesheet
text/css 163.181.56.174
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Server: 163.181.56.174 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log: X-Log
Date: Wed, 04 Jan 2023 15:08:48 GMT
Via: cache26.l2de2[209,209,304-0,M], cache17.l2de2[211,0], ens-cache3.de4[0,0,200-0,H], ens-cache8.de4[2,0]
Content-Encoding: gzip
X-Svr: IO
Content-Md5: 7NUHsxJe3E0qA6pq5dB9qQ==
X-Reqid: uEYAAACvklmZIzcX
Age: 85105
X-Swift-CacheTime: 86400
X-Cache: HIT TCP_HIT dirn:10:357483476
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="all.min.css"; filename*=utf-8''all.min.css
Connection: keep-alive
X-Swift-SaveTime: Wed, 04 Jan 2023 15:08:48 GMT
Content-Length: 12832
Last-Modified: Thu, 05 Aug 2021 07:49:51 GMT
Server: Tengine
Etag: "FqV-5o0RYBsP2OUDf8JB_2WnVEc8.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1672844928
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b2016729300332186544e

GET
H/1.1 200
OK v4-shims.min.css
cdn.staticfile.org/font-awesome/5.15.4/css/ 26 KB
5 KB 268ms
8ms Stylesheet
text/css 163.181.56.174
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.staticfile.org/font-awesome/5.15.4/css/v4-shims.min.css?ver=3.1424
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Server: 163.181.56.174 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log: X-Log
Date: Wed, 04 Jan 2023 15:52:48 GMT
Via: cache8.l2de2[504,504,304-0,M], cache20.l2de2[506,0], ens-cache6.de4[0,0,200-0,H], ens-cache3.de4[2,0]
Content-Encoding: gzip
X-Svr: IO
Content-Md5: oDTTxxvuVG9iWHfXkykX+A==
X-Reqid: qfoAAACzXfn_JTcX
Age: 82465
X-Swift-CacheTime: 86400
X-Cache: HIT TCP_HIT dirn:10:66597415
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="v4-shims.min.css"; filename*=utf-8''v4-shims.min.css
Connection: keep-alive
X-Swift-SaveTime: Wed, 04 Jan 2023 15:52:48 GMT
Content-Length: 4163
Last-Modified: Thu, 19 Aug 2021 05:50:20 GMT
Server: Tengine
Etag: "FvIX1N7QvJ94a9m6HAnOiK7brtdu.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1672847568
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b1b16729300332101128e

GET
H/1.1 200
OK bootstrap.min.css
www.ctfiot.com/wp-content/themes/onenav/css/ 158 KB
29 KB 398ms
198ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/css/bootstrap.min.css?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

003a5b9f890301ca6d6a16067ba382c677704dbd777962094ceb13cc8e02691f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-278ba"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK jquery.fancybox.min.css
www.ctfiot.com/wp-content/themes/onenav/css/ 12 KB
4 KB 404ms
199ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/css/jquery.fancybox.min.css?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-31fb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK style.min.css
www.ctfiot.com/wp-content/themes/onenav/css/ 100 KB
25 KB 408ms
203ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/css/style.min.css?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

6973024936e5b30b98046977013de466de5de1708457e2ab9cc2bb44dc09ff72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-19183"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 85 KB
33 KB 408ms
204ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/jquery.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-15283"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK %E6%A8%AA%E7%89%88Logo_360x80_%E4%B8%8D%E9%80%8F%E6%98%8E.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/ 17 KB
17 KB 727ms
186ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/%E6%A8%AA%E7%89%88Logo_360x80_%E4%B8%8D%E9%80%8F%E6%98%8E.png
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3b1fa54e2b1020eda18b88565c88b44463adefad297fac2f626d1ee655d95c81

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
x-oss-request-id: 63B6E2F27FFDC236342C496B
Content-MD5: OO3InPZ1ChyK0kyq1SHnDA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 16917
x-oss-object-type: Normal
Last-Modified: Thu, 17 Mar 2022 08:01:17 GMT
Server: AliyunOSS
ETag: "38EDC89CF6750A1C8AD24CAAD521E70C"
Content-Type: image/png
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 4884741393747057177
x-oss-server-time: 3

GET
H/1.1 200
OK M-DESIGN-360-x-80-px-1.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/ 6 KB
7 KB 772ms
231ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/M-DESIGN-360-x-80-px-1.png
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 9b4516ae3b2534cf72366dc9a08cc2b2b4515bc026ee27b1b9b3ae157eba0f75

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
x-oss-request-id: 63B6E2F235EB263138C9F1A0
Content-MD5: 3ZTfp/pnQ5CbjooEZ7+tdQ==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 6619
x-oss-object-type: Normal
Last-Modified: Thu, 17 Mar 2022 08:01:14 GMT
Server: AliyunOSS
ETag: "DD94DFA7FA6743909B8E8A0467BFAD75"
Content-Type: image/png
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 388601213416782964
x-oss-server-time: 40

GET
H/1.1 200
OK bitbug_favicon-1.ico
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/ 4 KB
5 KB 737ms
196ms Image
image/x-icon 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/bitbug_favicon-1.ico
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 553300264e11fc1c15eb6c77712247af6f3279dd30635e8e18b908cc27773375

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
x-oss-request-id: 63B6E2F2ED63F0383427CD62
Content-MD5: FBY8gO3+vxztTgaFXfizAg==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 4286
x-oss-object-type: Normal
Last-Modified: Thu, 17 Mar 2022 08:01:09 GMT
Server: AliyunOSS
ETag: "14163C80EDFEBF1CED4E06855DF8B302"
Content-Type: image/x-icon
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 7285855754463750460
x-oss-server-time: 10

GET
H/1.1 200
OK Logo_80x80_%E9%80%8F%E6%98%8E.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/ 4 KB
4 KB 1035ms
329ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/Logo_80x80_%E9%80%8F%E6%98%8E.png
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 69516c5b557bb540ee7689c3dcdd8b8a4e316e491ffbac7a5b68d9122e1b9bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
x-oss-request-id: 63B6E2F26AD6D53231F2A155
Content-MD5: mhSKWM8aX4RcswhaWk2fZQ==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 3893
x-oss-object-type: Normal
Last-Modified: Thu, 17 Mar 2022 08:01:14 GMT
Server: AliyunOSS
ETag: "9A148A58CF1A5F845CB3085A5A4D9F65"
Content-Type: image/png
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 17247182101233306927
x-oss-server-time: 104

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 95ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5738725703232626

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ad1d2fa1c1fe7fb0b39084c8abb8565a1788fe8b7be2569aca353da175e079a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ctfiot.com/
Origin: http://www.ctfiot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49594
x-xss-protection: 0
server: cafe
etag: 15494143393447974270
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 14:47:13 GMT

GET
H/1.1 200
OK t.png
www.ctfiot.com/wp-content/themes/onenav/images/ 73 B
419 B 201ms
200ms Image
image/png 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/images/t.png

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

11b9c95a68e295dddd0ea924647536578ce285b2c8469a223c01df1ff3166af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: "62182a61-49"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73
Expires: Sat, 04 Feb 2023 14:47:14 GMT

GET
H/1.1 200
OK gravatar.jpg
www.ctfiot.com/wp-content/themes/onenav/images/ 2 KB
2 KB 202ms
202ms Image
image/jpeg 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/images/gravatar.jpg

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

4ad66d2fc22f2a561e0519fde0bd5201adb13638c2e915e1a6a6a718a7bf4dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: "62182a61-7ef"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2031
Expires: Sat, 04 Feb 2023 14:47:14 GMT

GET
H/1.1 200
OK clipboard.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 10 KB
4 KB 200ms
200ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/clipboard.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-28d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK echarts.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 365 KB
142 KB 200ms
200ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/echarts.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

801ebc9c46c6ed651e93f00b2fab16e10313285daa06b4379ea2c01b29508306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-5b393"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK popper.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 21 KB
8 KB 203ms
202ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/popper.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

67bbcec2522f3b5d3e8a265e3057004fe9c9961bdce0646dcbc9c32bf06e5aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-5283"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 61 KB
18 KB 204ms
202ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/bootstrap.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5112ac3168dcb0f524c0f4b7fe192ba56498cfced86ba0f43e2317fd203f769c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-f3c5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK theia-sticky-sidebar.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 15 KB
4 KB 205ms
203ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/theia-sticky-sidebar.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

01e105efa6aa2dac21ed4c473d9e4a2d7a4fa9b75dfbf422492b811a90d23381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-3ca5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK lazyload.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 8 KB
3 KB 198ms
196ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/lazyload.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3eabaf6acfbd158fa8f9b6c8e2a7f59a93cd3c19ca45e66c709f2170964541de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-20c1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK jquery.fancybox.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 67 KB
25 KB 203ms
201ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/jquery.fancybox.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

ca2427c5350b6c6ee1acd7342ca166a97be33dbae0dc55901774a4de8c6cd706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-10a94"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:13 GMT

GET
H/1.1 200
OK app.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 39 KB
14 KB 200ms
200ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/app.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

e12c6e6b042870857fb07f66c9fc2358a428a07f1690b4d8af56d0142b340f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-9def"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:14 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
www.ctfiot.com/wp-includes/js/ 3 KB
2 KB 457ms
457ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-includes/js/comment-reply.min.js?ver=6.1.1

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sat, 25 Jun 2022 09:18:40 GMT
Server: nginx
ETag: W/"62b6d2f0-ba5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:14 GMT

GET
H/1.1 200
OK comments-ajax.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 2 KB
1 KB 201ms
200ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/js/comments-ajax.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

d08ce327aecaf9346df404c646d7888923fe28749ed47a094a2dfa7785a77809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/71118.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: W/"62182a61-829"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 06 Jan 2023 02:47:14 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
cdn.staticfile.org/font-awesome/5.15.4/webfonts/ 75 KB
76 KB 14ms
7ms Font
application/octet-stream 163.181.56.174
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.staticfile.org/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: cdn.staticfile.org
URL: http://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Protocol: HTTP/1.1
Server: 163.181.56.174 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029

Request headers

Referer: http://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Origin: http://www.ctfiot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log: X-Log
Date: Thu, 05 Jan 2023 05:03:45 GMT
Via: cache15.l2de2[0,0,304-0,H], cache21.l2de2[1,0], ens-cache10.de4[0,0,200-0,H], ens-cache5.de4[1,0]
X-Svr: IO
Content-Md5: 7TEcegremnW7Pr9adnDzHQ==
X-Reqid: HdMAAAAMIIMpUTcX
Age: 35008
X-Swift-CacheTime: 86079
X-Cache: HIT TCP_MEM_HIT dirn:10:205963565
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="fa-brands-400.woff2"; filename*=utf-8''fa-brands-400.woff2
Connection: keep-alive
X-Swift-SaveTime: Thu, 05 Jan 2023 05:09:06 GMT
Content-Length: 76736
Last-Modified: Mon, 09 Aug 2021 14:51:14 GMT
Server: Tengine
Etag: "FgYTx-u6Ve5H7zAsD3dmMkaS-Jmn"
Vary: Origin
Access-Control-Max-Age: 2592000
Content-Type: application/octet-stream; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1672895025
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b1d16729300337893339e

GET
H/1.1 200
OK fa-solid-900.woff2
cdn.staticfile.org/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 14ms
8ms Font
application/octet-stream 163.181.56.174
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.staticfile.org/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: cdn.staticfile.org
URL: http://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Protocol: HTTP/1.1
Server: 163.181.56.174 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Request headers

Referer: http://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Origin: http://www.ctfiot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log: X-Log
Date: Thu, 05 Jan 2023 05:03:45 GMT
Via: cache14.l2de2[0,0,304-0,H], cache17.l2de2[1,0], ens-cache6.de4[0,0,200-0,H], ens-cache4.de4[1,0]
X-Svr: IO
Content-Md5: 2CTffrLiaGJqLdmmp0GsTg==
X-Reqid: jeUAAADhqIEpUTcX
Age: 35008
X-Swift-CacheTime: 86079
X-Cache: HIT TCP_MEM_HIT dirn:10:392807298
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="fa-solid-900.woff2"; filename*=utf-8''fa-solid-900.woff2
Connection: keep-alive
X-Swift-SaveTime: Thu, 05 Jan 2023 05:09:06 GMT
Content-Length: 78268
Last-Modified: Thu, 05 Aug 2021 05:48:24 GMT
Server: Tengine
Etag: "FgzLLIFKfkyhLEd4ghYzgJywNh6q"
Vary: Origin
Access-Control-Max-Age: 2592000
Content-Type: application/octet-stream; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1672895025
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b1c16729300337967515e

GET
H/1.1 200
OK iconfont.woff2
www.ctfiot.com/wp-content/themes/onenav/css/fonts/ 18 KB
18 KB 379ms
196ms Font
font/woff2 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.ctfiot.com/wp-content/themes/onenav/css/fonts/iconfont.woff2?t=1627493826118

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/wp-content/themes/onenav/css/iconfont.css?ver=3.1424

Protocol

HTTP/1.1

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

b00e1b2de916ebd46dabc76a63345844e4cf92f194552c2657b50f1c11cc2be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.ctfiot.com/wp-content/themes/onenav/css/iconfont.css?ver=3.1424
Origin: http://www.ctfiot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 25 Feb 2022 01:01:21 GMT
Server: nginx
ETag: "62182a61-46d8"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18136

GET
H/1.1 200
OK fa-regular-400.woff2
cdn.staticfile.org/font-awesome/5.15.4/webfonts/ 13 KB
14 KB 13ms
7ms Font
application/octet-stream 163.181.56.174
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.staticfile.org/font-awesome/5.15.4/webfonts/fa-regular-400.woff2
Requested by: Host: cdn.staticfile.org
URL: http://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Protocol: HTTP/1.1
Server: 163.181.56.174 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa

Request headers

Referer: http://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Origin: http://www.ctfiot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log: X-Log
Date: Thu, 05 Jan 2023 05:13:44 GMT
Via: cache6.l2de2[0,0,304-0,H], cache9.l2de2[0,0], ens-cache6.de4[0,0,200-0,H], ens-cache3.de4[0,0]
X-Svr: IO
Content-Md5: uR03a412RtZxzYIJUNX38Q==
X-Reqid: BAoAAADahxW1UTcX
Age: 34409
X-Swift-CacheTime: 85484
X-Cache: HIT TCP_MEM_HIT dirn:9:29336959
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="fa-regular-400.woff2"; filename*=utf-8''fa-regular-400.woff2
Connection: keep-alive
X-Swift-SaveTime: Thu, 05 Jan 2023 05:29:00 GMT
Content-Length: 13224
Last-Modified: Sat, 07 Aug 2021 17:26:33 GMT
Server: Tengine
Etag: "FhNRdSmv-jniWFxZGsrm3DNraqkX"
Vary: Origin
Access-Control-Max-Age: 2592000
Content-Type: application/octet-stream; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1672895624
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b1b16729300337981932e

GET
H/1.1 200
OK 55cbcfe920516e4e54bd3aba2f30e585
sdn.geekzu.org/avatar/ 837 B
2 KB 584ms
520ms Image
image/jpeg 2606:4700:3032::ac43:8d18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sdn.geekzu.org/avatar/55cbcfe920516e4e54bd3aba2f30e585?s=20&d=mm&r=g
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Server: 2606:4700:3032::ac43:8d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b94f353fafcae37092fdd244b0c1af1c80d050c614dc3c1f9bcd7ff2d1bdd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:14 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Disposition: inline; filename="55cbcfe920516e4e54bd3aba2f30e585.png"
Connection: keep-alive
Server-Timing: cf-q-config;dur=5.9999983932357e-06
Geekzu-Cache: EXPIRED from JP-HND-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 837
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6gQggfheQLF35v7EZXKgrtq%2FMiQTC4%2BNEqiwyOHt3of0lnsC5Wvgmi%2Fng%2FJJMlLV3w9w8PHR%2BjL3gQcIDJNlvqRoQliUx6FGoqYbY8jEQplU6jLJNanGSp4PhHjNjvVDBcO%2FJ6JHAvq9FLHXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Accept-Ranges: bytes
CF-RAY: 784d02088b9e2be9-FRA
Expires: Thu, 19 Jan 2023 14:47:14 GMT

GET
H/1.1 200
OK 55cbcfe920516e4e54bd3aba2f30e585
sdn.geekzu.org/avatar/ 1 KB
2 KB 1570ms
1519ms Image
image/jpeg 2606:4700:3032::ac43:8d18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sdn.geekzu.org/avatar/55cbcfe920516e4e54bd3aba2f30e585?s=80&d=mm&r=g
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Server: 2606:4700:3032::ac43:8d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:15 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Disposition: inline; filename="55cbcfe920516e4e54bd3aba2f30e585.png"
Connection: keep-alive
Server-Timing: cf-q-config;dur=6.9999987317715e-06
Geekzu-Cache: EXPIRED from JP-HND-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1323
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g98hyE7Tn01lxuSGWRiruLoofpNEks9k6ixvJIdUmN37Xcob9nqCDBb4Du3%2B66w0PGSrrOPEx5TZT9DZjUIDUuwX57m5Q6d%2F8KhtU%2FaNeg3R3CjokNwxIsnd6CwDgyydw0ZsCqy8QOWqn1IzVg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Accept-Ranges: bytes
CF-RAY: 784d020888d79bbc-FRA
Expires: Thu, 19 Jan 2023 14:47:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 96ms
80ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5738725703232626&plah=www.ctfiot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5738725703232626

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6693a145042b71aa87b3c9afc892856ed7ca3da0960b1f67f7feac78dd77b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119962
x-xss-protection: 0
server: cafe
etag: 15751360413864266366
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 14:47:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame 6DB4 10 KB
5 KB 30ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5738725703232626

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:28:54 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 04:28:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
694 B 67ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.ctfiot.com&callback=_gfp_s_&client=ca-pub-5738725703232626&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5738725703232626&plah=www.ctfiot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79e0dab4ee148ba5a83ddfc41088f3d4c54c75bedc52d0fa1ccb111d0dfc7e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ctfiot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 105ms
42ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ctfiot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&tn=DIV&id=sidebar&cls=sticky%20sidebar-nav%20fade%20mini-sidebar&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 14:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 14:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8735 13 KB
5 KB 473ms
458ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&adk=1812271804&adf=3025194257&lmt=1672930034&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&plas=188x810_r&format=0x0&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&ea=0&pra=5&wgl=1&dt=1672930033960&bpp=5&bdt=997&idt=248&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7452244671938&frm=20&pv=2&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf6c605d85ba4313c9c09410cb86c1fba8ea9a830cf25d7b4cc240e92d50e0fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4694
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 14:47:14 GMT
expires: Thu, 05 Jan 2023 14:47:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D19 436 B
236 B 580ms
576ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=187&slotname=1613153004&adk=3108791033&adf=2685228617&pi=t.ma~as.1613153004&w=745&fwrn=4&lmt=1672930034&rafmt=11&format=745x187&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&wgl=1&dt=1672930033965&bpp=2&bdt=1001&idt=276&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=O8EV1FeIi3&p=http%3A//www.ctfiot.com&dtd=281

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14ef9c5fd430240c3e3ffae7acb9a102b1645a25ade3ac2e3c2d5f18327bbc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 14:47:14 GMT
expires: Thu, 05 Jan 2023 14:47:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7FE8 436 B
235 B 555ms
555ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1672930034&rafmt=9&format=745x447&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&crui=image_stacked&fwr=0&wgl=1&dt=1672930033967&bpp=1&bdt=1004&idt=281&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=295&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9lbo244SJK&p=http%3A//www.ctfiot.com&dtd=285

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff48982640a87c46f361199e072b24b3be5afe9e2c4cfd8cb503c6a74253c172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 14:47:14 GMT
expires: Thu, 05 Jan 2023 14:47:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F66 436 B
235 B 430ms
429ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=440214258&adf=2235027668&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1672930034&rafmt=1&format=310x250&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1672930033968&bpp=1&bdt=1005&idt=286&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=axPLPhC5Kt&p=http%3A//www.ctfiot.com&dtd=288

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b342ff8948e759f4d6886629f309a3f8fb025b2b3ff464a0b8665945eb3a624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 14:47:14 GMT
expires: Thu, 05 Jan 2023 14:47:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 973ms
342ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?bfb1bae1f7c3200e814dc48812eadb24

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

82cfc47b089c65402685e31a32c32916e84ba41323dadb2dbcc44c2d268b439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:16 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: b8ab4492e1388543d19d9d298afa4e6f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11302

GET
H/1.1

404
Not Found

wHoOcfQGhqvlUkd.jpg
iowen.gitee.io/ioimg/banner/
Redirect Chain

http://iowen.gitee.io/ioimg/banner/wHoOcfQGhqvlUkd.jpg
https://iowen.gitee.io/ioimg/banner/wHoOcfQGhqvlUkd.jpg

0
0

992ms
321ms

Image
text/html

212.64.63.190
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iowen.gitee.io/ioimg/banner/wHoOcfQGhqvlUkd.jpg
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Server: 212.64.63.190 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

Date: Thu, 05 Jan 2023 14:47:15 GMT
Server: openresty
Content-Type: text/html
Location: https://iowen.gitee.io/ioimg/banner/wHoOcfQGhqvlUkd.jpg
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 182
Expires: Fri, 06 Jan 2023 14:47:15 GMT

GET
H/1.1 200
OK 5-1672889032.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/ 94 KB
95 KB 266ms
265ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/5-1672889032.jpeg
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 174883adcbfae2d24f1961f1188d2d4cf6a376f7d76c897deeae6ae73d9f9187

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:15 GMT
x-oss-request-id: 63B6E2F36AD6D5323168A355
Content-MD5: SSzN9NgWi+nPzOSkEeDlIA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 96481
x-oss-object-type: Normal
Last-Modified: Thu, 05 Jan 2023 03:23:52 GMT
Server: AliyunOSS
ETag: "492CCDF4D8168BE9CFCCE4A411E0E520"
Content-Type: image/jpeg
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 147564106666470785
x-oss-server-time: 35

GET
H/1.1 200
OK 9-1672881475.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/ 24 KB
24 KB 1281ms
1280ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/9-1672881475.jpeg
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 6220d576020da1b860f606f64ccf285812d4aa96cc31b94ef9e021c782b3357c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:16 GMT
x-oss-request-id: 63B6E2F47FFDC236347A4D6B
Content-MD5: 704k6mkWTa8B/OyrXtERNw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 24141
x-oss-object-type: Normal
Last-Modified: Thu, 05 Jan 2023 01:17:56 GMT
Server: AliyunOSS
ETag: "EF4E24EA69164DAF01FCECAB5ED11137"
Content-Type: image/jpeg
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11655672552662190666
x-oss-server-time: 63

GET
H/1.1 200
OK 5-1672839240.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/ 26 KB
27 KB 203ms
202ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/5-1672839240.jpeg
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 40223a3dd6674dcbe84b1dc6f6abdc04ff1258b059edc3d22dc246d5969e0532

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:15 GMT
x-oss-request-id: 63B6E2F335EB26313898F3A0
Content-MD5: PhZ6PjbvGiK5yYlCnWzcfg==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 26859
x-oss-object-type: Normal
Last-Modified: Wed, 04 Jan 2023 13:34:00 GMT
Server: AliyunOSS
ETag: "3E167A3E36EF1A22B9C989429D6CDC7E"
Content-Type: image/jpeg
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 554336230227183259
x-oss-server-time: 20

GET
H/1.1 200
OK 10-1672839140.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/ 44 KB
45 KB 216ms
215ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/10-1672839140.jpeg
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 0cafba5325245d89181067c5b42608e9e52a4b91b147e6aab01b4d6cc0b0ce48

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:15 GMT
x-oss-request-id: 63B6E2F3ED63F03834EDCE62
Content-MD5: rDUHNjKruBmnXRgGacwE0A==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 45136
x-oss-object-type: Normal
Last-Modified: Wed, 04 Jan 2023 13:32:20 GMT
Server: AliyunOSS
ETag: "AC35073632ABB819A75D180669CC04D0"
Content-Type: image/jpeg
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 4039897033450519410
x-oss-server-time: 33

GET
H/1.1 200
OK 7-1672881462.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/ 4 KB
5 KB 330ms
208ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/7-1672881462.jpeg
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: b9efb5c7960bebaff510def1f3de9b22f7fa1147a85b34e66dbe2805d912f5e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:15 GMT
x-oss-request-id: 63B6E2F3E80D0137349E927A
Content-MD5: fgLTYepmNzZN3JLwZ/Za2g==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 4131
x-oss-object-type: Normal
Last-Modified: Thu, 05 Jan 2023 01:17:43 GMT
Server: AliyunOSS
ETag: "7E02D361EA6637364DDC92F067F65ADA"
Content-Type: image/jpeg
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 9279591783855607811
x-oss-server-time: 28

GET
H/1.1 200
OK 4-1672839255.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/ 19 KB
19 KB 539ms
208ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/4-1672839255.jpeg
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: ad7f705be0fc7ef112c80face74e074a07130d533d8e2892e65aebefbbd44d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:15 GMT
x-oss-request-id: 63B6E2F3E80D01373426937A
Content-MD5: d6rDrFeNDtDI/GSNFRLSxg==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 19424
x-oss-object-type: Normal
Last-Modified: Wed, 04 Jan 2023 13:34:16 GMT
Server: AliyunOSS
ETag: "77AAC3AC578D0ED0C8FC648D1512D2C6"
Content-Type: image/jpeg
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 7141506560197013559
x-oss-server-time: 30

GET
H/1.1 200
OK 6-1672839283.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/ 94 KB
95 KB 242ms
206ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/01/6-1672839283.jpeg
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 174883adcbfae2d24f1961f1188d2d4cf6a376f7d76c897deeae6ae73d9f9187

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:15 GMT
x-oss-request-id: 63B6E2F39849B4343906BAAA
Content-MD5: SSzN9NgWi+nPzOSkEeDlIA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 96481
x-oss-object-type: Normal
Last-Modified: Wed, 04 Jan 2023 13:34:43 GMT
Server: AliyunOSS
ETag: "492CCDF4D8168BE9CFCCE4A411E0E520"
Content-Type: image/jpeg
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 147564106666470785
x-oss-server-time: 28

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4BD8 31 KB
12 KB 467ms
467ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/wp-content/themes/onenav/js/jquery.min.js?ver=3.1424

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f18a75151b3f92f9e3a74514a68c15f9d7e3b90a816311ba3e01f97c9f780c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12327
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 14:47:15 GMT
expires: Thu, 05 Jan 2023 14:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D66A 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJNdf8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE3gFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZHRBict7jgGqGI2quxlIigkYUGZN1xIsRhGuj0zW6s-TqksbWGo-ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTczODcyNTcwMzIzMjYyNhgA&sigh=_gYGSJ0NJes&uach_m=[UACH]&cid=CAQSKQDq26N927L7DTWaFVtymQxBGzSsRnap-msmlKg2JbikCTmE1rIAn1skGAEgEw

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=440214258&adf=2235027668&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1672930034&rafmt=1&format=310x250&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1672930033968&bpp=1&bdt=1005&idt=286&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=axPLPhC5Kt&p=http%3A//www.ctfiot.com&dtd=288
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 14:47:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D66A 0
0 54ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hrdbvtdggmndjq5yenb0ggdvgdc9fqnqc4dwb54tr1y27r2k5n4jpn4bw9ab1fa8t04wdspxnqrqp8b7fg82nk024wv7wwe3k8pd2aey2c5m12hbe54kr7e8r4gw5qyp69vmbrv9kdy2ktgw3d376eqww8medyp1f3gsnrft6abqth33tr4gdp6gfcreg829j8syn31bzasc8cetjyt6ybyhjv4yce1pwcd4dbyzmwrs9ga11pgwh9pczekggwbwza1fh3vycpszwvpsdy99vc1fs29mmjen3e232876bmyrdznwt7pp5ezssb35wyr6vgb377sretn971k5n42rea63tj5wsnrafqq7tkeam9ycyqp35bsvpmkyddg9wag3h0g80e5gm&b=Y7bi8wAFP5MGrTTBAAqa0henuFhUgj6TBy59ow
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 14:47:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 1010 2 KB
2 KB 63ms
27ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jqpqrrq4e81330se65zw69yfvqg72h8vhmnpt43be0wr6hhczczb3q1nvp6057c603sc2zybpqypajy35yk1p24qz9tkgfb07vmdamy7ehmftbd0qjsyzq6fd4mp5wg15pgsf0gkps437kmfy7b0pb5f8nk8hcbhg505zbcp51th6sf93peb3j8phz28af6verwwm9hfc09bvkdvcwcagmkab20r6j8nme8ba45jtrw9z9fyxr1b13qemgjyg1wfegzafq1ns1k6vchs652q5epn380fece01zeng6vy8rwbjhjbwgwyh983rep2j4nef43nk98zjdnv0ebacz8hw746y0p197h7v0ncxn17k9ak8g4zg941rw0e15mnyjtryta7v3f434zgkah2jm7gzgr2rmqwrr2xf5dbm858ssmjjnpa5kkm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%26client%3Dca-pub-5738725703232626%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=440214258&adf=2235027668&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1672930034&rafmt=1&format=310x250&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1672930033968&bpp=1&bdt=1005&idt=286&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=axPLPhC5Kt&p=http%3A//www.ctfiot.com&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416266744c21abbe7404d6a0d24a9cf430f430d967446983919ffdffb552e8dd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784d02139c429a05-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 14:47:15 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame D66A 3 KB
1 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 14:06:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CE2E 1 KB
643 B 16ms
15ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 12:50:08 GMT
etag: 48472445140208031
expires: Fri, 06 Jan 2023 12:50:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame D66A 18 KB
8 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 12:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7027
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 12:50:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D66A 154 KB
48 KB 163ms
86ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 14:47:15 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CE2E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJlUuHsvu_xs1e59yAwVD00&google_cver=1&google_push=AavPq0OdAZOCR2nj_YIYoj__esg2ZY72WPKq2x9Rnm94BgJAy0TEV085IMNTIyrwecBYLb9z6PuZhB4niIRCsOuOMwjSM4hfIvmJBg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg3ODUyNTcyOTE2MjgwNDE5OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJlUuHsvu_xs1e59yAwVD00&google_cver=1

43 B
398 B

113ms
31ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJlUuHsvu_xs1e59yAwVD00&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=440214258&adf=2235027668&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1672930034&rafmt=1&format=310x250&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1672930033968&bpp=1&bdt=1005&idt=286&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=axPLPhC5Kt&p=http%3A//www.ctfiot.com&dtd=288
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Jan 2023 14:47:15 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 14:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJlUuHsvu_xs1e59yAwVD00&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE2E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELuUWzSzFkSwx1KPBdf9eDw&google_cver=1&google_push=AavPq0MgiOOh7lpozwWyTf0uW627x0v14BIC1RjmkzJUkVLvs7CWWByRfY2EoS4iIQN3RMwE9AcNo68T5NNHsjJXgdOU...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELuUWzSzFkSwx1KPBdf9eDw&google_cver=1&google_push=AavPq0MgiOOh7lpozwWyTf0uW627x0v14BIC1RjmkzJUkVLvs7CWWByRfY2EoS4iIQN3RMwE9AcNo68T5NNHsj...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MgiOOh7lpozwWyTf0uW627x0v14BIC1RjmkzJUkVLvs7CWWByRfY2EoS4iIQN3RMwE9AcNo68T5NNHsjJXgdOUhyUWvcPegNY&google_hm=SdHyFbCSRfGxb63v_0Mp...

170 B
329 B

20ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MgiOOh7lpozwWyTf0uW627x0v14BIC1RjmkzJUkVLvs7CWWByRfY2EoS4iIQN3RMwE9AcNo68T5NNHsjJXgdOUhyUWvcPegNY&google_hm=SdHyFbCSRfGxb63v_0MpgA==

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 14:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0MgiOOh7lpozwWyTf0uW627x0v14BIC1RjmkzJUkVLvs7CWWByRfY2EoS4iIQN3RMwE9AcNo68T5NNHsjJXgdOUhyUWvcPegNY&google_hm=SdHyFbCSRfGxb63v_0MpgA==
date: Thu, 05 Jan 2023 14:47:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE2E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO4AGFGKvlKfzI5kC7Ie27I&google_cver=1&google_push=AavPq0PMhU4Jn_hOzO-4FgcgG6jVtZIsOHOO0Ck_LUeXpdKzxNaoufFI11GcdSZGv8vHXcc1nM0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENKN0NLWlctMUYtSDk3UQ==&google_push=AavPq0PMhU4Jn_hOzO-4FgcgG6jVtZIsOHOO0Ck_LUeXpdKzxNaoufFI11GcdSZGv8vHXcc1nM0BkV1DMmIagHz3mQSyGAgDUQ4wSyE

170 B
232 B

25ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENKN0NLWlctMUYtSDk3UQ==&google_push=AavPq0PMhU4Jn_hOzO-4FgcgG6jVtZIsOHOO0Ck_LUeXpdKzxNaoufFI11GcdSZGv8vHXcc1nM0BkV1DMmIagHz3mQSyGAgDUQ4wSyE

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 14:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENKN0NLWlctMUYtSDk3UQ==&google_push=AavPq0PMhU4Jn_hOzO-4FgcgG6jVtZIsOHOO0Ck_LUeXpdKzxNaoufFI11GcdSZGv8vHXcc1nM0BkV1DMmIagHz3mQSyGAgDUQ4wSyE
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE2E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAl9o8p5fJ1sBNcYbdd_tBM&google_cver=1&google_push=AavPq0MjkePewrc3VUglB452foR7UIPnRBR9RrFlFIH8kZaFIX0dc1lddCCPVb4bTd5GqaF-Nugu7kYg-l5kgirg...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MjkePewrc3VUglB452foR7UIPnRBR9RrFlFIH8kZaFIX0dc1lddCCPVb4bTd5GqaF-Nugu7kYg-l5kgirgeFn3ugIYL_uggSc

170 B
232 B

20ms
20ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MjkePewrc3VUglB452foR7UIPnRBR9RrFlFIH8kZaFIX0dc1lddCCPVb4bTd5GqaF-Nugu7kYg-l5kgirgeFn3ugIYL_uggSc

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 14:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 14:47:15 GMT
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MjkePewrc3VUglB452foR7UIPnRBR9RrFlFIH8kZaFIX0dc1lddCCPVb4bTd5GqaF-Nugu7kYg-l5kgirgeFn3ugIYL_uggSc
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ShJLS0WznetAGj_yuw2iht_GuvdKZAY_g-7I4Hqzr-SsqTwuWTzlIQ==

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame CE2E 0
45 B 131ms
26ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAl8Ygg4T9BFIDfWuY0OdMc&google_cver=1&google_push=AavPq0NE_uisVI4oe5Q5UT-BixGU4hgXqbNOSH4zeJ-ws7M41LOtgKVMAybwSPSP_i6NltXo59E3uPt1Lf46nNasqsNeS5lWo7mNdU0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=440214258&adf=2235027668&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1672930034&rafmt=1&format=310x250&url=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1672930033968&bpp=1&bdt=1005&idt=286&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=7452244671938&frm=20&pv=1&ga_vid=185556637.1672930034&ga_sid=1672930034&ga_hid=895699368&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773810%2C44780792&oid=2&pvsid=1871944371223498&tmod=670528813&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=axPLPhC5Kt&p=http%3A//www.ctfiot.com&dtd=288
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:15 GMT
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame CE2E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJKG-RGArtyvrEcSGoNnKS4&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0MmGuhtwPI8omIoLFJ7-3uv3O2TINpTXVW0FcmVdy4yA8sngky8OXGTR7cuRH146jjqOyMwA6G3QwCZrjY2mIohNXrd4hKaylg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

199ms
199ms

Image
image/gif

104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html
Protocol: H2
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 05 Jan 2023 14:47:16 GMT
pragma: no-cache
date: Thu, 05 Jan 2023 14:47:16 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 14:47:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE2E
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGO1a_Agg...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGO...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=49d1f215-b092-45f1-b16f-adefff432980&%%GOOGLE_PUSH_PAIR%%

170 B
232 B

21ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=49d1f215-b092-45f1-b16f-adefff432980&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 14:47:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=49d1f215-b092-45f1-b16f-adefff432980&%%GOOGLE_PUSH_PAIR%%
date: Thu, 05 Jan 2023 14:47:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CE2E 0
223 B 53ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNTDwzialydNUpiHMLHHjqadnVoqK2wz2R4-xX3Ly4kyzmpvtwGtu7yjE-obzjuwIBi-aB6FM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame D66A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7145c78c4fa5645f133bb1617175b0da68d7ba07b3853a9b90d96a3afc636394

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 1010 89 KB
12 KB 60ms
50ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jqpqrrq4e81330se65zw69yfvqg72h8vhmnpt43be0wr6hhczczb3q1nvp6057c603sc2zybpqypajy35yk1p24qz9tkgfb07vmdamy7ehmftbd0qjsyzq6fd4mp5wg15pgsf0gkps437kmfy7b0pb5f8nk8hcbhg505zbcp51th6sf93peb3j8phz28af6verwwm9hfc09bvkdvcwcagmkab20r6j8nme8ba45jtrw9z9fyxr1b13qemgjyg1wfegzafq1ns1k6vchs652q5epn380fece01zeng6vy8rwbjhjbwgwyh983rep2j4nef43nk98zjdnv0ebacz8hw746y0p197h7v0ncxn17k9ak8g4zg941rw0e15mnyjtryta7v3f434zgkah2jm7gzgr2rmqwrr2xf5dbm858ssmjjnpa5kkm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%26client%3Dca-pub-5738725703232626%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jqpqrrq4e81330se65zw69yfvqg72h8vhmnpt43be0wr6hhczczb3q1nvp6057c603sc2zybpqypajy35yk1p24qz9tkgfb07vmdamy7ehmftbd0qjsyzq6fd4mp5wg15pgsf0gkps437kmfy7b0pb5f8nk8hcbhg505zbcp51th6sf93peb3j8phz28af6verwwm9hfc09bvkdvcwcagmkab20r6j8nme8ba45jtrw9z9fyxr1b13qemgjyg1wfegzafq1ns1k6vchs652q5epn380fece01zeng6vy8rwbjhjbwgwyh983rep2j4nef43nk98zjdnv0ebacz8hw746y0p197h7v0ncxn17k9ak8g4zg941rw0e15mnyjtryta7v3f434zgkah2jm7gzgr2rmqwrr2xf5dbm858ssmjjnpa5kkm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%26client%3Dca-pub-5738725703232626%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 784800
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLk%2FokaVKKXqT41jILYTjS39sdfH5t5LRZ1D2D49KwGKqG4Us0xhj2cTZF6dd8NXkIXjNhIFs9Hw0ET3o2n9s5EpKRKhFWV6lBRPMQVy6HF3neLVGC5WU8gP2nFyI1QhRXVsNYyX5VY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784d0213fdd69a0c-FRA
expires: Thu, 05 Jan 2023 15:47:15 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1010 35 KB
12 KB 37ms
23ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jqpqrrq4e81330se65zw69yfvqg72h8vhmnpt43be0wr6hhczczb3q1nvp6057c603sc2zybpqypajy35yk1p24qz9tkgfb07vmdamy7ehmftbd0qjsyzq6fd4mp5wg15pgsf0gkps437kmfy7b0pb5f8nk8hcbhg505zbcp51th6sf93peb3j8phz28af6verwwm9hfc09bvkdvcwcagmkab20r6j8nme8ba45jtrw9z9fyxr1b13qemgjyg1wfegzafq1ns1k6vchs652q5epn380fece01zeng6vy8rwbjhjbwgwyh983rep2j4nef43nk98zjdnv0ebacz8hw746y0p197h7v0ncxn17k9ak8g4zg941rw0e15mnyjtryta7v3f434zgkah2jm7gzgr2rmqwrr2xf5dbm858ssmjjnpa5kkm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%26client%3Dca-pub-5738725703232626%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 203343
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=So5Ym%2FyGGRIZb7Mh3OseXvtrPj1K%2BDoeYCGFMFqfrHJyjCUXRvDqFalxRiMCL%2Bg0Iejn%2BpgewXVb6KM3u974gpzSqyDTrkOXEBLTTxWp43AXO7THSiAoTEkOfmxcykUz3Y8Di%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 784d0213dcb79a05-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 06:18:12 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1010 3 KB
4 KB 55ms
24ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29834317
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZp9F8CjkfB0vWR%2Fql6LKycF0iUEr6yxoCQo7CRxMuJD%2FDH1IJWrUqDivStDXGxerBfV36Gb5%2BwW%2B6mS%2Fhu6%2FfcWEKr9n6RyjgVLl1U8WyKlMPk24SCHDDWc4MAWwogIkq8WiyVevA4oUGYJD1dkJOf8"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 784d0214795fbb77-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 590B 2 KB
1 KB 51ms
51ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 758520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 784d02144e449a0c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 14:47:15 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRPsdsIt94qqA%2BhH7l6AMHc536yfDX%2BSyVdOp0cJ2Oit8uXGb%2BFKW4uXGgj6zUcSly%2BmuAiZJZ3k7TvD9vT0x%2BpjuEbhWvqEXP0tJLiRcZwhgCiH8UGTdHpjkMwVpqv0%2FdbqLgM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 1010 1 KB
2 KB 119ms
118ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9300540176f6ba0fb9f47fcd35582b65621776b6a6d61f730d8f25ed966e39be

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 14:47:16 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qR%2FFcTXYtxJqzOIeBG0jc937Is97eaS8rko7EiI6GBewV2CwYKUiAOajzWfT1Cit1ikFJJt6aompIeuOFcVu%2BxXeHIbFaArDDtLOL5g%2B063egS%2FuwTw43N4EdJMjeZbPVP6%2BMEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 784d02150cac6903-FRA
x-backend-server: aa-reachservice-group-europe-west1-3b3l
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 56ms
45ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 784d0214cc206903-FRA
content-length: 24
content-type: text/plain
date: Thu, 05 Jan 2023 14:47:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcxUtanWLIA94TwjTQVYF4ei2PG8T3xtZuP96%2BlIIfg2QonMGj0OjArSZSdR6uq2id3Vx3VNW%2FHSvRS%2F%2BbU%2BPoLckkYCRB2vtLSP3oKlxKrURBwNo80EROx%2B%2Fc1RbSQ5k5HG9Dg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tbx2

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame C74A 9 KB
4 KB 36ms
33ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

249ac04965257eb4483f422faa7da8f7807c5a2f9b33683dc8647bc11168c857

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jqpqrrq4e81330se65zw69yfvqg72h8vhmnpt43be0wr6hhczczb3q1nvp6057c603sc2zybpqypajy35yk1p24qz9tkgfb07vmdamy7ehmftbd0qjsyzq6fd4mp5wg15pgsf0gkps437kmfy7b0pb5f8nk8hcbhg505zbcp51th6sf93peb3j8phz28af6verwwm9hfc09bvkdvcwcagmkab20r6j8nme8ba45jtrw9z9fyxr1b13qemgjyg1wfegzafq1ns1k6vchs652q5epn380fece01zeng6vy8rwbjhjbwgwyh983rep2j4nef43nk98zjdnv0ebacz8hw746y0p197h7v0ncxn17k9ak8g4zg941rw0e15mnyjtryta7v3f434zgkah2jm7gzgr2rmqwrr2xf5dbm858ssmjjnpa5kkm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%26client%3Dca-pub-5738725703232626%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784d0215e8e79a0c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 14:47:16 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame C74A 89 KB
11 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 784801
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTNc3YnJpEDrdfD6fJHosnz%2BGho1WMHphdPzI0kYfeRHxDxjLrZ9HewaZ4bsDBEjKIkenwE%2FLlnQuXDf0v3DqHkYNQoOFF8E2lmlSPsxTNfkvs4ntivO8troFqX%2B3hnFXYW3aG3Qi%2FI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784d021649819a0c-FRA
expires: Thu, 05 Jan 2023 15:47:16 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame C74A 53 KB
54 KB 66ms
51ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1905880
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLJlso%2Fx4G%2FkCnSqhoSagC6DmfCsfzL23UDepVvLBOWyivSOX%2FhmXL8xIcAVSSsRgMThHGtq%2Fiw3tMQOyRP%2FNFRd9tr6FkSYHYHTNgLTEtE%2BLNCRAk2bTrQmEc0RjAeS4AC2YEalsqd6FXpy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784d021668c49a05-FRA
expires: Fri, 06 Jan 2023 14:47:16 GMT

GET
H2 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame C74A 11 KB
11 KB 26ms
17ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 487370
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgmFcxD%2B%2FuOJQ13a7UdAMOfZfflpmrPJHxqJFsCZhVEt5nMCKb%2BklB9n5m0X8MkMFi0zoK1FtiwhRksYeGljZIjgEmTMSVauvmlvvZno7zxZJuDgsXdEeTaBGmi5tEJogSYi39Cu3LcMqthY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784d021668c29a05-FRA
expires: Fri, 06 Jan 2023 14:47:16 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame C74A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKnZsYTWsPwCFUrluwgd1egJWQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023010515471680141686369X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...

49 B
1 KB

105ms
21ms

Image
image/gif

78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023010515471680141686369X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023010515471680141686369X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:16 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023010515471680141686369X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023010515471680141686369X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Thu, 05 Jan 2023 14:47:16 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame C74A 9 KB
9 KB 35ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1702401
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOV6Ov0jkGAU%2BSC9K7%2B90lFlFKlFUpDQhDbQv5aCH9%2Fi0e5zj96nA6KcLdB2F6D%2Br2GyY49yhh7MulccUrFO7vv%2BfiS4IluTXu4K4X1JcQhsIa8MdLfZcTG%2F8%2FdOSobeZmZuSOu7YX6Ro%2Fr1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784d021668c19a05-FRA
expires: Fri, 06 Jan 2023 14:47:16 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame C74A 20 KB
20 KB 34ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1633165
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVucWZj9Gmn8zMuKGvNPj%2FGFUje9p4BJR46T0OdQsd3ozNbaq%2BJb55%2FlNXsSOENOQHGObIN7Fqc6brviAgHXOGPewslFZF%2Fv67IxYkkJkpJ72h77USzm8imT%2BUm7AzdhBflI%2Fmr04QExm9ES"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784d021668bf9a05-FRA
expires: Fri, 06 Jan 2023 14:47:16 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame C74A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CN_gsYTWsPwCFd2XdwodYEUPTA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023010515471680141686367X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...

49 B
1 KB

70ms
24ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023010515471680141686367X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 14:47:16 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023010515471680141686367X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date: Thu, 05 Jan 2023 14:47:16 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame C74A 16 KB
16 KB 34ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1273464
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fwg3aYEPiE38gtFum9IVza3aKGOjNUn8XPeRk8Z27d%2F5CqOoqHcVkO70GcJGy0%2FOKVdzdOJsRV6gzRJqgjhqzht8h7FA9kn2ehk2trleO5xojqJSFVxqSvdDm1Pzu76A0DTwDSUQhEOldH9n"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784d021668c59a05-FRA
expires: Fri, 06 Jan 2023 14:47:16 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame C74A 222 KB
222 KB 26ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1269329
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swRTp2h1dvwOf6jBGLHwrtMMAKIOG8BcFjWMoLM%2Ft6C7lkoLEv35eT8dGBy2x%2FmStla8Ouas2K%2BNdcyre5Y3nQ5O%2FHLhR21%2Bpwj7WOvSC1N8yzOSCvoQr9Z9VTtlNp5y1ATi4npZ7cBew8V2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784d021668bd9a05-FRA
expires: Fri, 06 Jan 2023 14:47:16 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame C74A
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1672930036_d8fa1931-8d07-11ed-bf55-2237d548a262&insert=AW&&gdpr=0&gdpr_consent=

0
640 B

112ms
41ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1672930036_d8fa1931-8d07-11ed-bf55-2237d548a262&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=adbb7573546cf134532c168b94ba7f8e%2F6057688883000960475&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1672930036095&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hk2tkhcejxy32qq08g2zhyr2kaya8tdxm72rksrna1xxcbrq0ajkpd4t1ztdbfynq3satqheh9brx070mq6s67ma2jp7ydsatf2d1gaynbwg3613fw16cg3pzs9rbyf5steh2msejk2q1zydmm4q69vbbqps7edw2yffscnkc718vtkwd42x9vgzvsdz1vc2a40avme2me3megjpv4ztcxnga2k0xjaaezxj19g8skv2maadkw029zyggwhhsxa41kwb3t1dmk9pyd5a530%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIHsR8-K2Y5P_FMHptOUP0rWqkAWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NzM4NzI1NzAzMjMyNjI2yAEJqQJsf92vI9CxPqgDAaoE4QFP0GuX9P0iz9pxeVwd_zn_0meJ8eJ2G0KZuV00v9ch_PIP9NR871MCzj3Gbz_iPsLcL70tra062-zyU2AGjcLfulWcKvAzThcAH-CBKF2bbP1i0khaw31gcNsMsj61s0OJWxYPRslpBZEK_cqJin5klimckWbk_RpdmFQ6_NO6P3RNoO-JL8vMmHuKDDIBYSihMAclFtuOeM-UBEQIK9PtQlhaPqPiCicBaUYJgBi5DYA4Hk917fdZXxJD4AkaBypOpCI4HBuwcH8AEz5_6pPMBKnqQc0urcjyRxpJWkeGf6SABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XVxihL3xFKEnoRW-ee_TQF3p0yQ%2526client%253Dca-pub-5738725703232626%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:16 GMT
via: 1.1 additional-webserver-blue-115j (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 208282191
cache-control: no-cache
cf-ray: 784d021788202be6-FRA
expires: -1

Redirect headers

Date: Thu, 05 Jan 2023 14:47:16 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1672930036_d8fa1931-8d07-11ed-bf55-2237d548a262&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 365ms
365ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1811286141&si=bfb1bae1f7c3200e814dc48812eadb24&v=1.3.0&lv=1&sn=18091&r=0&ww=1600&u=http%3A%2F%2Fwww.ctfiot.com%2F71118.html&tt=webshell%E7%BB%95%E8%BF%87%E6%A1%88%E4%BE%8B%20%7C%20CTF%E5%AF%BC%E8%88%AA

Requested by

Host: www.ctfiot.com
URL: http://www.ctfiot.com/71118.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 14:47:16 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D66A 42 B
64 B 58ms
42ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstStAv8aWCRzRQwo37L9cq0lD752roQml3VBg3WxMBMT-T2Oj9ieVAX1fZLw4BdgD36soqZ7naynJyaQL2wegaVmOL0&sig=Cg0ArKJSzKUXN04dKTdqEAE&cid=CAASF-Ro1E0cVWT777cw_xuyB3C-CA8m6OR5&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=440214258&rs=2&la=0&cr=0&vs=4&r=v&rst=1672930035720&rpt=254&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 14:47:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

he-simple-common.js Show response
widget.qweather.net/simple/static/js/
Redirect Chain

http://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0
https://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0

400 B
1 KB

37ms
7ms

Script
application/javascript

163.181.56.157
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0
Protocol: H2
Server: 163.181.56.157 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 89204a080269f635d11ee5d9954f75a059304b0c63447563d7af8f5703100620

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 03:02:15 GMT
via: cache3.l2de2[0,0,304-0,H], cache21.l2de2[1,0], ens-cache4.de4[0,0,200-0,H], ens-cache3.de4[1,0]
x-oss-request-id: 63AE54B78C0B5C3134F6C6BE
content-md5: NF7XU9uyKG/OHjNNbTHykw==
age: 560702
x-swift-cachetime: 604667
x-cache: HIT TCP_MEM_HIT dirn:10:258791445
x-oss-cdn-auth: success
x-swift-savetime: Fri, 30 Dec 2022 03:04:28 GMT
content-length: 400
x-oss-object-type: Normal
last-modified: Fri, 20 May 2022 02:31:21 GMT
server: Tengine
etag: "345ED753DBB2286FCE1E334D6D31F293"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
ali-swift-global-savetime: 1672369335
cache-control: max-age=2592000
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 7812729354021640612
eagleid: 2ff62b1b16729300374037257e
x-oss-server-time: 4

Redirect headers

Date: Thu, 05 Jan 2023 14:47:17 GMT
Via: ens-cache3.de4[,0]
Server: Tengine
Content-Type: text/html
Location: https://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 262
EagleId: 2ff62b1b16729300373657201e

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 57ms
56ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bdfa03d6723d7000718c584a449bcf7e81875b3425f9e8146f78d883f9a78a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11127
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 405ms
380ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 14:47:17 GMT

GET
H2 200 he-simple.css
widget.qweather.net/simple/static/css/ 9 KB
2 KB 12ms
11ms Stylesheet
text/css 163.181.56.157
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.qweather.net/simple/static/css/he-simple.css?v=1.4.0
Requested by: Host: widget.qweather.net
URL: http://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.157 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 555a32719a765814ed74707dab579134cbc81165f78cda3d4b18384db9fb1dad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 02:52:59 GMT
via: cache6.l2de2[0,0,304-0,H], cache20.l2de2[1,0], ens-cache9.de4[0,0,200-0,H], ens-cache3.de4[2,0]
content-encoding: gzip
x-oss-request-id: 63AE528BC0D44936393A7F6D
content-md5: pgP9B04rMTmmqhQNCgZ6oQ==
age: 561258
x-swift-cachetime: 604768
x-cache: HIT TCP_MEM_HIT dirn:9:341608695
x-oss-cdn-auth: success
x-swift-savetime: Fri, 30 Dec 2022 02:53:31 GMT
content-length: 1942
x-oss-object-type: Normal
last-modified: Sun, 26 Dec 2021 02:47:24 GMT
server: Tengine
etag: "A603FD074E2B3139A6AA140D0A067AA1"
vary: Accept-Encoding
ali-swift-global-savetime: 1672368779
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5991946234440923657
eagleid: 2ff62b1b16729300374137277e
x-oss-server-time: 2

GET
H2 200 he-simple.js Show response
widget.qweather.net/simple/static/js/ 181 KB
60 KB 25ms
24ms Script
application/javascript 163.181.56.157
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.qweather.net/simple/static/js/he-simple.js?v=1.4.0
Requested by: Host: widget.qweather.net
URL: http://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.157 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f2a01ffdbb2c049057e57832f0ea54ba8dddcd2ef7f685c55ba68024502035f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 02:53:00 GMT
via: cache6.l2de2[0,0,304-0,H], cache9.l2de2[0,0], ens-cache3.de4[0,0,200-0,H], ens-cache3.de4[2,0]
content-encoding: gzip
x-oss-request-id: 63AE528B23AD1D353836DDEC
content-md5: mGL1OgUUr4n/bmtOIfgqfg==
age: 561257
x-swift-cachetime: 604770
x-cache: HIT TCP_MEM_HIT dirn:8:261007420
x-oss-cdn-auth: success
x-swift-savetime: Fri, 30 Dec 2022 02:53:30 GMT
content-length: 61384
x-oss-object-type: Normal
last-modified: Sun, 26 Dec 2021 02:47:05 GMT
server: Tengine
etag: "9862F53A0514AF89FF6E6B4E21F82A7E"
vary: Accept-Encoding
ali-swift-global-savetime: 1672368780
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 64774404036544135
eagleid: 2ff62b1b16729300374137278e
x-oss-server-time: 13

GET
H2 200 maps
webapi.amap.com/ 99 KB
0 2611ms
349ms Script
application/javascript 47.246.167.30

General

Check archive.org

Show headers Download Go to

Full URL

https://webapi.amap.com/maps?v=1.4.14&key=e2b04289e870b005374ee030148d64fd

Requested by

Host: widget.qweather.net
URL: https://widget.qweather.net/simple/static/js/he-simple.js?v=1.4.0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

47.246.167.30 -, , ASN (),

Reverse DNS

Software

Tengine/Aserver /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:19 GMT
content-encoding: gzip
strict-transport-security: max-age=0
server: Tengine/Aserver
etag: W/84ba2ae0a710022d26fb3970dd1e1d20
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-server-id: 72446e765a0ee479614554419edfe3ecb5c00795a60de184b696e5babb81b79d84a5d848ba9f3278a30891e97ac3cbae
cache-control: max-age=0
x-readtime: 2
timing-allow-origin: *
access-control-allow-headers: *
eagleeye-traceid: 2102f00516729300398303313e1941

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 16C3 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 14:22:49 GMT
expires: Fri, 05 Jan 2024 14:22:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5D86 783 B
1 KB 40ms
16ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b7d28b6c2f9046fee508421faf7ee95ad096d134eb8dae652b6c3eb2f4fd039e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PvYT_RYA7wj0a_KcYCsYSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-PvYT_RYA7wj0a_KcYCsYSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 14:47:17 GMT
expires: Thu, 05 Jan 2023 14:47:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 16C3 36 KB
16 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 13:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 13:42:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5D86 0
0 108ms
108ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=1871944371223498&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 16C3 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nxY0ew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 14:47:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 116ms
115ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=1871944371223498&bg=!wcKlwobNAAYDMoyoIzI7ACkAdvg8WnnkDbe_-xyMgzIs048MhAGMMyE9ojRGUshvVtWAMtg9MJRr3QIAAABSUgAAAAJoAQcKANt4-nbaFvTfJ9Qr5Vk4kFu2RYybnyg56h4XMks16M3ZsNxEQWJuH_pzHgay-TfGhRlJk-A157hV9FlZi6-nGg8HGUCKLFhXz6BOHXDa89eVihSaBau3wqqqMZ9ZyXQGRigqjKHGaLCunKYc3q-Z2MY3t_PDFVtvwxtYY1_vfABT0ncQ9BdY18JTyolcw9xrYyYgUgcv0Bt2cdwPwZikqahy0J0h1WShKU4NYanivfLAZz9AkpKMLpFBdVjsEGP2a0ERu98TlEifWx61zTAicz_vBC1_wI-U-yDnpvuZAqG2qiWqEtkhkH6E0ZDG4H678BmMZURhO1_g9WoB15pUycvnbLrOnvFWG8Bfhz9snW6xgPFObcrqZE8WIhRSP4eLx5_RUCHyR3bJYw13Ncu6-pqKC6ERA39I22VetjYXUoF0k4x2Yfi8lOvjfzNgCZlN34PTpFEmgtsmYQ8ABOUXcI98-Jt8f3LZuV0iK1TbHdwtTlZAeqw78gdjZqLsXFlQGZQ0Z-kurtOGz5jxSlmYLIjQS0Ac7Gr8gJXkrMWEZFMhMahyFysvFsqKKZszDYxLcRX0nTcYEUvFgXzQcl1bq5kioDa1wymwDAdY42nx_1JWNgF7Q3_O7JjH04iU9JedJDx9qrE9zUcmatbUs-J1RtzGmtlsfQ8deH9ZhjX0zI9DhiQ6MuC_FH7uIJWcoYPGIdyJJ3bPp-aynLTHJh8xB6vTZqZ3WY_JLXibTS2O6awuxs_hj2rKqdMgt-cVRO5GQPwYtS0aQdI_Mzwaz05BhnWb25r3d-4hiYUPYazK1X9svmOVZXk0E6QxfCfrWW9d4DQwcZFJfZOTH_8QwoZgTqq16yW2q4-W_vVPPof2gYJBJVQhtOS8yJb5znJJsNyaOKJuBAxxjEleLPoKWAy1D-o64aNkcOuyxnehrjplibGWogDjWOI65Uh19SmxfWYVoKhr2ZvuDuE6fo_azZ-73cwf4J_rC_OPz8MvWeTbRflY3_w1Ij93vQblgsRrAooN8YvTrHchHHEXTrfXkAE8OHS6TWtC3E1fBtc8Qy7v01nsg6ymdAh1xvKxQLXZjpgw_ssvMvoopTCxlUGHoinIGXMfWCQUa3EOzHyBujWo26qrjU5MdjyCNkMCLcYQXOUPEcL5xtk2sF53OwE68IBjBdNWyy_kRG6-ATr-eIhIW3k1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ctfiot.com/	1970-01-20 18:18:10	Name: X_CACHE_KEY Value: 88c052d582fd789941159b58378bab5f
.ctfiot.com/	1970-01-20 18:03:46	Name: __gads Value: ID=4024efd853cefd4f-2201201dfeda0056:T=1672930034:RT=1672930034:S=ALNI_MamDRPjXIsup3NMqzunhi5MArm5Zg
.ctfiot.com/	1970-01-20 18:03:46	Name: __gpi Value: UID=00000b9df4ef0435:T=1672930034:RT=1672930034:S=ALNI_MZ5eZxN5YBjlk1RcVmD8v46zErk1g
.doubleclick.net/	1970-01-20 18:03:46	Name: IDE Value: AHWqTUl30yFBS_K_OJzmdqhpmoedq52BVuySV6DL5qYnu6UId8I5RBLl4D79Vf-iGUc
.bidswitch.net/	1970-01-20 17:27:46	Name: c Value: 1672930035
.bidswitch.net/	1970-01-20 17:27:46	Name: tuuid_lu Value: 1672930035
.bidswitch.net/	1970-01-20 17:27:46	Name: tuuid Value: 49d1f215-b092-45f1-b16f-adefff432980
.bidswitch.net/	1970-01-20 08:42:10	Name: google_push Value: AavPq0MgiOOh7lpozwWyTf0uW627x0v14BIC1RjmkzJUkVLvs7CWWByRfY2EoS4iIQN3RMwE9AcNo68T5NNHsjJXgdOUhyUWvcPegNY
.turn.com/	1970-01-20 13:01:22	Name: uid Value: 3878525729162804199
.hm.baidu.com/	1970-01-20 18:18:10	Name: HMACCOUNT_BFESS Value: 8CD0F26E86AE1D17
.awin1.com/	1970-01-20 08:46:29	Name: awpv11354 Value: 412871\|1672930036\|d8fa1931-8d07-11ed-bf55-2237d548a262
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.ctfiot.com/	1970-01-20 17:27:46	Name: Hm_lvt_bfb1bae1f7c3200e814dc48812eadb24 Value: 1672930036
.ctfiot.com/	1969-12-31 23:59:59	Name: Hm_lpvt_bfb1bae1f7c3200e814dc48812eadb24 Value: 1672930036
www.conrad.de/	1970-01-20 08:49:22	Name: HTLP_timestamp Value: 1672930036
www.conrad.de/	1970-01-20 08:49:22	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 08:42:11	Name: __cf_bm Value: uymfcZ7BQ.bhZMNs7w5hunQXRDKX7KNioOYUkiyeAqE-1672930036-0-AV4RPYNiqGOxIVaI6hQbSRdwg4GrqL67eqmTjULUMlK6EzFoNJgpvzMRPXFNHFYohvjrcx1Ga0+JYGsn38b4YoM=
.blau.de/	1970-01-20 08:52:14	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3MjkzMDAzNnZsZWExZGUyMDIzMDEwNTE1NDcxNjgwMTQxNjg2MzY3WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/	1970-01-20 08:52:14	Name: nscQ486 Value: V
.blau.de/	1970-01-20 08:52:14	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023010515471680141686367X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.o2online.de/	1970-01-20 08:52:14	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjcyOTMwMDM2dmxlYTFkZTIwMjMwMTA1MTU0NzE2ODAxNDE2ODYzNjlYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 08:52:14	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 08:52:14	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023010515471680141686369X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjcyOTMwMDM2dmxlYTFkZTIwMjMwMTA1MTU0NzE2ODAxNDE2ODYzNjlYMTE3NzAzVjEyMjYxMzI3MDJNU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://iowen.gitee.io/ioimg/banner/wHoOcfQGhqvlUkd.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
cdn.staticfile.org
cm.g.doubleclick.net
ctfiot.oss-cn-beijing.aliyuncs.com
googleads.g.doubleclick.net
hm.baidu.com
iowen.gitee.io
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel.rubiconproject.com
prod-rtb.ad4mat.net
r.turn.com
s.ad.smaato.net
sdn.geekzu.org
ssbsync.smartadserver.com
static-de.ad4mat.net
sync.teads.tv
tpc.googlesyndication.com
webapi.amap.com
widget.qweather.net
www.awin1.com
www.conrad.de
www.ctfiot.com
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
103.235.46.191
104.96.128.226
142.250.180.198
142.250.185.66
163.181.56.157
163.181.56.174
185.86.139.94
2001:678:cb4:bbbb::11
212.64.63.190
2600:1901:0:76b9::
2600:9000:211e:3600:1b:5138:8a40:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700:3032::ac43:8d18
2606:4700::6812:7e05
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2001
2a00:1450:400d:802::2002
2a00:1450:400d:807::2002
43.254.217.178
46.4.62.19
47.246.167.30
52.28.37.158
59.110.190.229
69.173.144.165
78.46.85.162
84.200.5.215
95.100.75.47
003a5b9f890301ca6d6a16067ba382c677704dbd777962094ceb13cc8e02691f
01e105efa6aa2dac21ed4c473d9e4a2d7a4fa9b75dfbf422492b811a90d23381
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cafba5325245d89181067c5b42608e9e52a4b91b147e6aab01b4d6cc0b0ce48
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
11b9c95a68e295dddd0ea924647536578ce285b2c8469a223c01df1ff3166af1
14ef9c5fd430240c3e3ffae7acb9a102b1645a25ade3ac2e3c2d5f18327bbc1e
174883adcbfae2d24f1961f1188d2d4cf6a376f7d76c897deeae6ae73d9f9187
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
249ac04965257eb4483f422faa7da8f7807c5a2f9b33683dc8647bc11168c857
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3b1fa54e2b1020eda18b88565c88b44463adefad297fac2f626d1ee655d95c81
3b342ff8948e759f4d6886629f309a3f8fb025b2b3ff464a0b8665945eb3a624
3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa
3eabaf6acfbd158fa8f9b6c8e2a7f59a93cd3c19ca45e66c709f2170964541de
40223a3dd6674dcbe84b1dc6f6abdc04ff1258b059edc3d22dc246d5969e0532
416266744c21abbe7404d6a0d24a9cf430f430d967446983919ffdffb552e8dd
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4ad66d2fc22f2a561e0519fde0bd5201adb13638c2e915e1a6a6a718a7bf4dad
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
5112ac3168dcb0f524c0f4b7fe192ba56498cfced86ba0f43e2317fd203f769c
553300264e11fc1c15eb6c77712247af6f3279dd30635e8e18b908cc27773375
555a32719a765814ed74707dab579134cbc81165f78cda3d4b18384db9fb1dad
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5bdfa03d6723d7000718c584a449bcf7e81875b3425f9e8146f78d883f9a78a3
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d84a57ce0022d737a58075ef1c11bb5d7c0e44f295322af3a2ab44624fa777a
5db48e6c2ef04b4456da13fcdb7e973d2103962ece5e6249339a0b56557f0b2f
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6220d576020da1b860f606f64ccf285812d4aa96cc31b94ef9e021c782b3357c
67bbcec2522f3b5d3e8a265e3057004fe9c9961bdce0646dcbc9c32bf06e5aeb
69516c5b557bb540ee7689c3dcdd8b8a4e316e491ffbac7a5b68d9122e1b9bdd
6973024936e5b30b98046977013de466de5de1708457e2ab9cc2bb44dc09ff72
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
7145c78c4fa5645f133bb1617175b0da68d7ba07b3853a9b90d96a3afc636394
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
79e0dab4ee148ba5a83ddfc41088f3d4c54c75bedc52d0fa1ccb111d0dfc7e6e
801ebc9c46c6ed651e93f00b2fab16e10313285daa06b4379ea2c01b29508306
82cfc47b089c65402685e31a32c32916e84ba41323dadb2dbcc44c2d268b439c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89204a080269f635d11ee5d9954f75a059304b0c63447563d7af8f5703100620
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8ad1d2fa1c1fe7fb0b39084c8abb8565a1788fe8b7be2569aca353da175e079a
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
9300540176f6ba0fb9f47fcd35582b65621776b6a6d61f730d8f25ed966e39be
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4516ae3b2534cf72366dc9a08cc2b2b4515bc026ee27b1b9b3ae157eba0f75
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad7f705be0fc7ef112c80face74e074a07130d533d8e2892e65aebefbbd44d07
b00e1b2de916ebd46dabc76a63345844e4cf92f194552c2657b50f1c11cc2be8
b7d28b6c2f9046fee508421faf7ee95ad096d134eb8dae652b6c3eb2f4fd039e
b9efb5c7960bebaff510def1f3de9b22f7fa1147a85b34e66dbe2805d912f5e4
bf6c605d85ba4313c9c09410cb86c1fba8ea9a830cf25d7b4cc240e92d50e0fc
ca2427c5350b6c6ee1acd7342ca166a97be33dbae0dc55901774a4de8c6cd706
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08ce327aecaf9346df404c646d7888923fe28749ed47a094a2dfa7785a77809
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8
e12c6e6b042870857fb07f66c9fc2358a428a07f1690b4d8af56d0142b340f3a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2b94f353fafcae37092fdd244b0c1af1c80d050c614dc3c1f9bcd7ff2d1bdd6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18a75151b3f92f9e3a74514a68c15f9d7e3b90a816311ba3e01f97c9f780c50
f2a01ffdbb2c049057e57832f0ea54ba8dddcd2ef7f685c55ba68024502035f0
f6693a145042b71aa87b3c9afc892856ed7ca3da0960b1f67f7feac78dd77b50
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
ff48982640a87c46f361199e072b24b3be5afe9e2c4cfd8cb503c6a74253c172

www.ctfiot.com Open in urlscan Pro 43.254.217.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

62 %HTTPS

48 %IPv6

28 Domains

36 Subdomains

28 IPs

8 Countries

1631 kBTransfer

3323 kBSize

23 Cookies

3 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ctfiot.com Open in urlscan Pro
43.254.217.178 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

62 %
HTTPS

48 %
IPv6

28
Domains

36
Subdomains

28
IPs

8
Countries

1631 kB
Transfer

3323 kB
Size

23
Cookies

99 HTTP transactions
1 data transactions