forexone.alghtas.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://short-jambo.ink/CFx1GV8K
Effective URL:
https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Submission: On January 18 via manual (January 18th 2024, 9:25:29 pm UTC) from YE — Scanned from DE

Summary HTTP 455 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 50 IPs in 10 countries across 60 domains to perform 455 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is forexone.alghtas.xyz.
TLS certificate: Issued by GTS CA 1P5 on December 11th 2023. Valid for: 3 months.

This is the only time forexone.alghtas.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.94.215.169 184.94.215.169	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 23	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.21.235.194 65.21.235.194	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
92	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4 4	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
5 58	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
5	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
9 9	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
5 5	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.180.228 35.214.180.228	15169 (GOOGLE) (GOOGLE)
11	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
6 9	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 5	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 7	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
3 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:224... 2600:9000:224a:3600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.249.157.147 34.249.157.147	16509 (AMAZON-02) (AMAZON-02)
3 3	52.58.114.78 52.58.114.78	16509 (AMAZON-02) (AMAZON-02)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4	18.192.16.65 18.192.16.65	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:cc6c:4f79:2b51:3805	16509 (AMAZON-02) (AMAZON-02)
4 4	3.254.35.3 3.254.35.3	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	89.149.192.197 89.149.192.197	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
4 6	23.199.221.167 23.199.221.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6813:afbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.135.143.66 147.135.143.66	16276 (OVH) (OVH)
6 6	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	37.208.110.235 37.208.110.235	58010 (UVENSYS) (UVENSYS)
1	2606:4700:440... 2606:4700:4400::ac40:9b32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.132.128.129 18.132.128.129	16509 (AMAZON-02) (AMAZON-02)
2	108.157.4.61 108.157.4.61	16509 (AMAZON-02) (AMAZON-02)
2	18.239.50.21 18.239.50.21	16509 (AMAZON-02) (AMAZON-02)
2	3.73.69.41 3.73.69.41	16509 (AMAZON-02) (AMAZON-02)
1	54.37.204.178 54.37.204.178	16276 (OVH) (OVH)
4	18.134.214.132 18.134.214.132	16509 (AMAZON-02) (AMAZON-02)
455	50

1 184.94.215.169 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.short-jambo.com

short-jambo.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

forexone.alghtas.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn16.top4top.io

k.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

92 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.193.173 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 142.250.186.34 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.228.174.117 (United Kingdom) 9 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.248.245.213 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.180.228 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 228.180.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.93 (Loerrach, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.75.86.98 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.3.20 (Denmark) 7 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:3600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.157.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-157-147.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.114.78 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-114-78.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.192.16.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-16-65.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:cc6c:4f79:2b51:3805 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.254.35.3 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-254-35-3.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.149.192.197 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.199.221.167 (Düsseldorf, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-221-167.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.143.66 (Montpellier, France)

ASN16276 (OVH, FR)

netzwerk.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.198 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.208.110.235 (Germany)

ASN58010 (UVENSYS, DE)
PTR: web01.g-direct.de

www.guenther.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b32 (United States)

ASN13335 (CLOUDFLARENET, US)

pvx.freenet-mobilfunk.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.132.128.129 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-128-129.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-61.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.50.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-21.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.69.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-69-41.eu-central-1.compute.amazonaws.com

www.eprimo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.37.204.178 (France)

ASN16276 (OVH, FR)
PTR: 178.ip-54-37-204.eu

ht.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.134.214.132 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
112	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29340 ad4m.at — Cisco Umbrella Rank: 11475 assets.ad4m.at — Cisco Umbrella Rank: 41583 Failed	986 KB
91	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163	334 KB
84	googlesyndication.com e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	400 KB
23	alghtas.xyz 1 redirects forexone.alghtas.xyz	1 MB
21	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 164401 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344	9 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	780 KB
12	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	207 KB
9	onetag-sys.com 6 redirects onetag-sys.com — Cisco Umbrella Rank: 707	3 KB
8	gstatic.com fonts.gstatic.com	162 KB
7	adform.net 7 redirects c1.adform.net — Cisco Umbrella Rank: 583	5 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	38 KB
6	awin1.com 4 redirects www.awin1.com — Cisco Umbrella Rank: 16092	4 KB
5	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	3 KB
5	3lift.com 5 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	2 KB
5	1rx.io 5 redirects sync.1rx.io — Cisco Umbrella Rank: 547	3 KB
5	openx.net rtb.openx.net — Cisco Umbrella Rank: 625	504 B
5	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	516 B
5	ggpht.com lh3.ggpht.com — Cisco Umbrella Rank: 8657	1012 B
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 671	2 KB
4	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	581 B
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 843 r.turn.com — Cisco Umbrella Rank: 4167	2 KB
4	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	1 KB
4	unrulymedia.com 4 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373	2 KB
4	ctnsnet.com 4 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 53518	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	5 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 875	3 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497	3 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 381	2 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	445 B
2	eprimo.de www.eprimo.de — Cisco Umbrella Rank: 230444	3 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	19 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	4 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 70130	734 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 69927	514 B
2	uppr.de netzwerk.uppr.de — Cisco Umbrella Rank: 241191 ht.uppr.de — Cisco Umbrella Rank: 127060	6 KB
2	adcell.com t.adcell.com — Cisco Umbrella Rank: 57836	917 B
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	89 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 805	207 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	1 KB
2	360yield.com match.360yield.com — Cisco Umbrella Rank: 1918	397 B
2	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 662	471 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 856	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716	891 B
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1872	572 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 867	2 KB
1	freenet-mobilfunk.de pvx.freenet-mobilfunk.de — Cisco Umbrella Rank: 197599	1 KB
1	guenther.de www.guenther.de	481 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 104015	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 80544	1 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 89383	549 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 86865	493 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 897	412 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	11 KB
1	top4top.io k.top4top.io — Cisco Umbrella Rank: 699380	145 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2998	24 KB
1	short-jambo.ink 1 redirects short-jambo.ink	750 B
455	60

	Domain	Requested by
58	cm.g.doubleclick.net	5 redirects e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
47	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com forexone.alghtas.xyz e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
43	ad4m.at	as.ad4m.at ad4m.at
43	as.ad4m.at	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com as.ad4m.at ad4m.at
27	securepubads.g.doubleclick.net	forexone.alghtas.xyz securepubads.g.doubleclick.net e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
26	assets.ad4m.at	as.ad4m.at
24	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com www.googletagservices.com
23	forexone.alghtas.xyz	1 redirects forexone.alghtas.xyz
13	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
12	www.googletagservices.com	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
12	www.google.com	tpc.googlesyndication.com e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com forexone.alghtas.xyz
11	static-de.ad4mat.net	as.ad4m.at
10	prod-rtb.ad4mat.net	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com securepubads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	onetag-sys.com	6 redirects e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
8	fonts.gstatic.com	fonts.googleapis.com
7	c1.adform.net	7 redirects
6	ad.doubleclick.net	6 redirects
6	www.awin1.com	4 redirects as.ad4m.at
5	eb2.3lift.com	5 redirects
5	sync.1rx.io	5 redirects
5	rtb.openx.net	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
5	dclk-match.dotomi.com	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
5	lh3.ggpht.com	forexone.alghtas.xyz
4	api.webgains.io	analytics.webgains.io
4	ap.lijit.com	4 redirects
4	x.bidswitch.net	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
4	dis.criteo.com	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
4	sync.targeting.unrulymedia.com	4 redirects
4	gcm.ctnsnet.com	4 redirects
4	fonts.googleapis.com	forexone.alghtas.xyz securepubads.g.doubleclick.net
3	pm.w55c.net	3 redirects
3	ssum-sec.casalemedia.com	3 redirects
3	a.tribalfusion.com	2 redirects e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
3	pixel.rubiconproject.com	3 redirects
3	dsp.adfarm1.adition.com	3 redirects
3	match.adsrvr.org	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
2	www.eprimo.de	netzwerk.uppr.de www.eprimo.de
2	cdn.track.production.webgains.team	as.ad4m.at
2	analytics.webgains.io	track.webgains.com
2	track.webgains.com	as.ad4m.at
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	t.adcell.com	as.ad4m.at
2	ssbsync.smartadserver.com	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
2	image6.pubmatic.com	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	match.360yield.com	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
2	s.ad.smaato.net	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
2	um.simpli.fi	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	s.tribalfusion.com	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
2	tr.blismedia.com	1 redirects e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
2	unpkg.com	1 redirects forexone.alghtas.xyz
1	ht.uppr.de	as.ad4m.at
1	pvx.freenet-mobilfunk.de	as.ad4m.at
1	www.guenther.de	as.ad4m.at
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	netzwerk.uppr.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	cms.quantserve.com	e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
1	csync.loopme.me	1 redirects
1	code.jquery.com	forexone.alghtas.xyz
1	cdnjs.cloudflare.com	forexone.alghtas.xyz
1	k.top4top.io	forexone.alghtas.xyz
1	stackpath.bootstrapcdn.com	forexone.alghtas.xyz
1	short-jambo.ink	1 redirects
455	71

This site contains links to these domains. Also see Links.

Domain
mhma12.tech

Subject Issuer	Validity	Valid
alghtas.xyz GTS CA 1P5	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.top4top.co R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2024-01-18` - `2024-04-17`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
netzwerk.uppr.de R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
eprimo.de Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
ht.uppr.de R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh

This page contains 66 frames:

Primary Page: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Frame ID: 8F0464C2586252ECFE8F57EE17AA69D0
Requests: 58 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7819ECF9B05AB20CA83CF3EAC78EC9D0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 519C42EB3719B511DE2EEE138AF4BD5B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4912F25A35B1814F66F8F6F713AEB0D6
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 499529D0F3181F8CA126F389F546F830
Requests: 15 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CC3CE3E2FA2147D49AC6B2DE59F3A8D1
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hwtedvhwjb37v5gen2bgpff0swcsfyk8r7hg9hp5dfnjekpf6gd8ten8j1yp699x3h963ng27rngjfvf8ytwzrhncbbhawbd1fn4brfm0kk8rhvrpkyty8vft3wk5wn5ajvs5shk3zma1sskg2qx2hwppsqx7dvg77qa7mtq8dh8gft8qcnzbp3dqjc66ahkp62nazmqaffgdh3at151mf7gv8p16ttyfjs2j6zf2jmdarrjvd4h0jgtbyzv33yaqd21tw017x6kac29xgcg23hafvx7tnmx8q3fz82tbq9jttjdqgm3jfea1g2tf9cesrqae53mn8g0qms22wd3enhpcbsz0n6ej3cbjc0kg8nygcacsgjh7zvmfrg1f0p312ap8x6w30k0tw8wzhvs82qwyt2t9t59w2754dfctsfs829qh56ran96dk163kx8sray4t3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAU1VQpepZeecIf6g9u8P4eGvwAOQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0M3ksRVfrDFlyhRQPIjJr-Dt-NitIhgY_hN6QDIH0lQTkWL4JvrrP_6vZ684YWjXTvN1JpSu9bctJCp8CJoWaMOuz6clFv3vs1q5JGQ3UYYEpyUEmtJraiOeeejXFhF7hDSmDARPwTIZhWMc0SvqVn3v5vhzUsJoBeOlEryV1-Ht2S2DA5jBolM5imNTPjaVlo_G0sw9S_fmqHu08CLWXW2FAMneeXAbIyeQhwfkFQ75jk7i5AgYyRNf6tcDXYK5cdUHxNDAizQefyjhpPHy8FHH-DsP0FRmWLqErL3PpkPCDncKjKQ0o6x6YuNcrt_VtTbi_bG1cAXrGIQAmDc7eo2K4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhafugfDngwP6CwIIAYAMAeINEwjD0O6B8OeDAxV-kP0HHeHwCzjQFQGAFwE%26num%3D1%26sig%3DAOD64_2OF7bTznGEyNTsiwMm1LBv9imYFg%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: 18BCB73C3FEBFAC17BB4B565265511DA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4E2016C4292DA38872546E605D9820F1
Requests: 9 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2F12B6A07540DDE3B8BD0986B2187DB
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 29945599F0A1E2E9A862CE115A2D46B9
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kp702xd79zs2wrtz10ktqzqm3bzypag6z7texs7fh76y0h1swh285vnzdv9jmjn8vsyhn7pnz0yg81aa0dw8ndxbxrtv2dqy00tbs5234hma9kkjb93sc0nemdacyrsf4e1s8by11r2e87vrt8vqsxv8xzwqvv1trsp0q282w5j6jterpx1bjzb84p8jy3haqqwtkvhm06zge3cvjpqegbvm87qn1g524vwzh40zgh0xh8qjbb3da81wchjchxqn9j79wn5fqmax1vf1ykzvw1hb6cq3226q1kx82qw4gpz09sban9rzpc32cj6fkdvn9s1et97vbnp7vz7tt7y1gbz4rermemm6530jzw23kgzmqdbm43nt1hpa28wzjqzazskd7an842bpkdrwfean97fdcfdt7v0gjjht9yj8hfjpkxd1fvvbd3p1b19x9e6p4en9376&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ItnQpepZb71Mb3F7_UPydaGuAuQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ALvUIyq_GFmBBUL_R6YKjEvnQleVbPxQBlopM8NwfnKXn8NCQxSotij4RdF728Atmek4KQ1OwGzePAhkFFZHG38NeK6Kr68QqvGqt71v9dwULTOLruHW7wT2za76vT778vytbQ0gL2Ys8DBbc-Fq4eyJIiK_2UHXC1uVeDmYnCJnOcGSLfqSOfRF-YsN241XNswuewL_TpO_5rxSrEspxovqcnVlFy5O49Feisjs9B-Gaw0ANO0Aexw-IaaV2qT5eaUwxoJQcwl9K3e-ov5TWgbE28epfs2RiatwtKvkJGCQEzYDBC7midRq80xshM1FI9INiXS8z9T7l9x9F1wevdj4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYyezugfDngwP6CwIIAYAMAeINEwiknu-B8OeDAxW94rsIHUmrAbfQFQGAFwE%26num%3D1%26sig%3DAOD64_3zvmJ20m22VGwXjhjsrSNU6xmBgQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: F95F00EC7D8BF58FA8FBB98C1603BA8D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC457B7244F2E85A6D0CD4463392426F
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e7a727aff73b219c9cd180f3bb00b24a%2F15260885504098327350&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613123267&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h5pvsm9pr7f9rry6pp87qgw0f976mrxjx7mha3newndrhcz012740vygsdfhh520xy2dr8x2yn08d0wzqdd5fpvsgp298f6dk8mndr520bz3jc465nxqskt8vey2xp8ybwm6wr1xd4x5t772a22vddedts6mbqztqb10assdn8ct2jefcas7xknbsbyz8swwj5e4186v4pc66ytzz4dmakc66eecxnjchhpbw4hgaj9n6dbhka6aczx9xe399dmnw7bsshwq9xq0966rkxyj6f2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAU1VQpepZeecIf6g9u8P4eGvwAOQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0M3ksRVfrDFlyhRQPIjJr-Dt-NitIhgY_hN6QDIH0lQTkWL4JvrrP_6vZ684YWjXTvN1JpSu9bctJCp8CJoWaMOuz6clFv3vs1q5JGQ3UYYEpyUEmtJraiOeeejXFhF7hDSmDARPwTIZhWMc0SvqVn3v5vhzUsJoBeOlEryV1-Ht2S2DA5jBolM5imNTPjaVlo_G0sw9S_fmqHu08CLWXW2FAMneeXAbIyeQhwfkFQ75jk7i5AgYyRNf6tcDXYK5cdUHxNDAizQefyjhpPHy8FHH-DsP0FRmWLqErL3PpkPCDncKjKQ0o6x6YuNcrt_VtTbi_bG1cAXrGIQAmDc7eo2K4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhafugfDngwP6CwIIAYAMAeINEwjD0O6B8OeDAxV-kP0HHeHwCzjQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2OF7bTznGEyNTsiwMm1LBv9imYFg%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: DCC789EA833BDF6D9EE393A8C53E1A29
Requests: 4 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CE2E26F5C511E6C01EE6B1723BA704A4
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 4A950E8AF87C49DFA2A20B41A540CE7E
Requests: 1 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 17CAB16BF09A6D8C74BA901664F3100C
Requests: 10 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EBBD96C8462E3CEA9DE38AF652CFFE6B
Requests: 10 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B11176C6AAF88D4CBC427716EB78790D
Requests: 10 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EAA6CACC92698168CD109A453B3DD9D5
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 37B3F88CFB8D83319371E9D8FDED19BE
Requests: 17 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 31B410FFE7CECF54C2DD5B3B9AE239D2
Requests: 10 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 87BEEEE1101714EF0647143B6E2C8460
Requests: 10 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1959AEEC3AF6670886006C3AD4A1DC41
Requests: 10 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A1A451D5ACC1FC1B727950373DDA339
Requests: 1 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D92150E29781B66B64CD753857B4EBBC
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k82fwaa71m9y1h8a1jzq5kdmv4t8ykfrfnxzfh6n4yjxrp63rfh96nj2h9aq9awdk26znkgx5y2jgt0xhf64wzayrgmtfx67qcqwypnpp4hpqzztdp2sbmqcy7qgf2a2s4bwc4c406w61pge3a8qkhvnvnjj3raxka4de3kqkpk6npdt266p1dekqyqhsrj9h8ck478mzgdvjjpzkqj7drznc55mxengzwgfy24r6q2ag3zwhgdyz6k8sdrhg7stkspfgjk1np73r4vsq0dcay0tg9ncgq8xtnnaz67c3xgza1d0g4x4qjvsacgaccedfbmfwj131xfegqtq85tzxqvwm6yp2x3mvkdqj8yznv2j7ck453c7pp84avq046eytx2rzwx5czd1wgm7p43vjzazm7ftgdq7dzgabe6t0p3ngwhfnbw63v9xcyb16gnxvvyynr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: 746D2580DCEC223701884EC2848F98AD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2397F2F83F8170AAF230AE4D9ABFC0EF
Requests: 9 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C20523F200FA75FE819B76E08C58047
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1je340jfd228zvnf0q95ga1ft02vnq4z8fq0ykmcwnj0mbxgxe3kysqeszd6exnb87ysqky0z8fzdskeq84ecve03k57ffd57zd65q08ebm5vfg4jkgbq421enfwaz2kvq5n5yjw7dk1wja8cmewa6f7knpveqz3kvsfwfrmmdg1mg688nffz0ecbrn699jb76w4fhanf7sbp6km6dfk2jtrdf1cqgns948cp3b3shgfej0528aq2pqejtmsb5cyetjt280gf8ryd72tavfdmft3wb28ep35p5et7npbypmtx6ytb0caqt20kt83s4bbrn4w7vs45ee0y3jgq7ra0r39gpxz33qbwb6aw4ye36afk9fdtrdhydgs84y58ysjqpxvdz4nz5njrg3f08xmnq39qdwyj58zfdppf0f80vbwa7wpnp3k0sqmzt30x2hrneczbdyj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: A6B71B2E35661E99E24AB7EDFA70066A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3E6DB31143DF1C7727A867BB4BD74EBB
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jsqdqm9ee35ee3gz890c88g4qt219rmksvyhd7skyt4x5vwc7v6kcst7psk0hj8q17awpfcxbgvamxptdtcce5h9be70bh9dq0zc5s6xbwyy73dfea3d8ge91vn49f8efcfyenmksksevha0nh8qwgwk84b39qngy58dq0nbnckfeznkcsx9d92pfsrassqx5d84y9v5j030d13retra42xcnsgb963akq3j590ad3a08vzmy0zqh0px55vp0ey61g28a6svf2kz40rab5yynvtdtdx8h6s9c00eagcb30njjnbp4s0pndrcye7t849gdepb2r1hnnzse08rdftrx7x92zj9k7pv34xbrn1e1gbjv5kafs01paeykvc4k7q4jymb6vyfevhm48ak7dxqpah4q17v8c3hjkx003mgtseczxj4yk1spqz2pw36r48sm2pwk41&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: 27730F3FEEB2AC9C2412C1499C81E28C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CF5D29C14188749D15ACB9C3BC2584C2
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h8pnxxp0v725nf0drkjesfq2hypgddh1pmjm6m6a132xmb962sa9ecnqfmhandkwe4br4mwvdb53mhvxcvrh4t7szymapg7bgdy40w7dffcm6mkn13fendbzxhdy64g0j7nfg8mfpttxr1zha3zcwew9dy84zcfqx46swyf6qa0vxn1jrd1sf0f55n06mfsx7chyb61d6a8g0akxqdkv26r0vnd5bjh8vk48b3weawa0sxfcm8z5dak713w9tef9eb99fekpw8rraevyh8jzq9e41dqnp8930eavan5813qjjpeg47dfp9mzmg5eypsz9c9h21jbfz2tkjhgjwjb2s0jsaqfk1670tph22c3ffk6v2ty7nawgfx0q7wapxe6073xpxyrk87d0t7t09bkaatc8523a1qr6tpepncw177xqfh64daw1w0prgn0kyzee8jzhz1dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: A25F98C643AFCEF7897243C0F8AA4310
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4BD3B287E7BF471C2E6DF01787AD212C
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ke86mf6dm70xvm7jqqxnb8nmcajh1x2pq7reyze8yr34stwmm2xznwm633q7tz3xq6qgnt6rdt4mk8vxz70jcxvt7qxbq199h8gbcv49rv0azyzcarfa4vn27z43h5398gw0pmq4t6z6p89m4ts487rteyepkhmr5x80n2y9sdameck9qm8phh3ssz858rehnzcqq01czaqd68te1v23s4tnzea2nhv9x72sp5gpy78w3pa3kcdf9e4h1y0zrr18p8r3etsdgh8wbwppe5v3d3t3h6v1cs4tjms1gf54qqw1336wyv1v493wttzc0d7q7z5fhpvq6c02ybjp9wn8fg7f8025pt40rprfgp22c9mnqdpesvwfnsyfbkqde20rk8s71xc9w38fzhsp8vpxk2ezjb7gesyh90x6rznb17j8272kz3a0qxegeasqjgpmqn615r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: 2FED4AC7CA23966A15C91B6B15C08215
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0781FB2C6F294631DEE8E1C15DA16DD5
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gc66tg9cfq6j4pfazv716h1m5e0gdarh678z4qb88nrypsdndqfvgn5nh09kta5bgyjhpwn3mfvyq2p9fz33kf8axbv5b6k8q33y85ffgv4qnh6v4jcg7mgydq6wr70zdpq92sgqbtjmpbb60a03rb38915b5rcyv0ckms29ftsqvn2khhvtpb3gf5cnscdb7sfmws2zhvw0mrjds6x7dvh49qjgjy22t7evqfdmtnj0z4dws20kd68abwzjxe44yj0s4yn7et8pabq535wvs0d7wbz19hx119276vgxp3q3vf4d9086reqy8nd037jy1s3dcsc0h3fx7p5hf683v8kc5ezn5jfxkzzdmtreqbk3aapdp6r36bv7pp2edk98hwdbdb0w9fdybd71yhkq9ybrz5te6kaqpsd20pc53f0nqg8ayqqz3yk6hyg9eghka97pe1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: B9DDFA3FBB42DD0213ED42A830665ADA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5CE158025FF7FC76671830D38F7BEA7A
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j9jdgmc8n4040a457g2269cm40z3aaexatkn8s5ms7fdkbf4a48x700tdv39gcrf9hpbyxwk1pe7e6qpezq953f9vp9yxdwj2dxxekfrsmbjkx9jqxx79xasfbyxx9g6qjmv87fgmbyw5ra924kzrjx1fbagesysmqqm3h7b5h7dtzq10362jw7rx082es7y208842gc9dhd75e1racn5x5k024h52zn0rkvtyw8bwhcntpde70esx3bdsw9y4v8bge4jvvz4ehdt6t7zz6q2rc4wjs1pxm4rs6qtd1vkr0tvya0beqq615h04p0jgwky8c7xyrk83veqwre3k3jebebds3az63dxq3pbfjfke1fnwh9d080efgesjkwsmqgk3n5ew4ybzc5mwc7c4xv4856w1jyt6gkxmnjtcwd85cfym729t9et70ekhrd5g68wyvw2yrkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: C61ADF9A7BB4A8088899A499AEA793B8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 656346727B3737D2C795613C27B8ED0E
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k58n4ke2fskstdqka0wk8f3stts72mdzqgywxgrvhcvmvh0jkv44e88a49x6k4dy6mmfsg761m1btcppj33tmq92kr6qqh0gsm5mt4vpjz7g9sxvyb4krtvf083gpzpbm4zp1t3dpg9nmxhmb97mp8ekfyhv8r9qrt1x78kmdk0q07tf186jx5aemcft45mstdy0xbrk63qwzrjszzh5kec8qg66hwmpgtgxt22maaqs4c52hax0w0q0jw6z7ez2wewjf4ek9vnznhg2hnbdxk4y3p19520ffajz5h0exvxxagd2aqjythhw33d6jqxytasqc3rjygrw9qaqf7a38pxa41pr6m7zsvftsz3dgnbnwt9smnkf59qw4p9evp70vk4megm4yav69m0t0q0t4gfgdaktdhjdshxkx2r7msw04rn0aartjsh326bb4akwedbp4455m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLq2QpepZemdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0ILqF87FdOOwwc69UoYwi65WIrwMt9Ev5dBLeK149nf7xaqemVLoSZNnuyWyKK5VEyH8-I9wFMaU62ApUnrVyz1ENo7QqSLuu0pn7rarSKmMTsdaokQK670W92Qb_g7NvAR-HLFFkOCvBChey65h50s7nKwaW4vffnxczSywO3B1XzoWp_GKpGAiv9kW7CooZaT4EQ8QrrAs6s0Ef0w-Bl7iCEEEocA81t5BaCTH8gzGsmIQ6CMoCRVmJzbYyjJfuTaoDDnvqZi0mpLOtuCp9J8CPkWEGuoD13JIdAJxnfpIOv8AxtMPor_nmXp-jEvwPe-0noGhMVPJGHB6QGSIv_mjTOuzkMzr4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwihgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0f5NF168n8YAsfziiNEpoRfW7vHw%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: B11B0F5AB596FA6B10812A7063A8A6C5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1F269CF97ABFF76E2E53CC8FF1F528CE
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jcc5hcpqznnv7mjsj4mx01wzdn22jes4x30x28ddwtrvrjhaxadamy9c3n4pxnx4yfyw9f05q6n65xzmjqveyrckfcbyrzd5xnwp6fehd6127cyzqbx4m7rspmxctgnx0x2phzmvwcqq7qqj35kv21d602fm8t7h6hd1xmjq0bzm2bejhnrpp4rtyxes123grtfktnaybnfwtm5681vbek44wck9ykb618jd4y4dp14ctzx68pgf677bmde26p7shdnxandbcpzaw1hsz90p1jtykkt4cjqp6cm5vgj9fecmf15kmhfnm0t22g9g1e3p4jd9msk53xcch7rwm93p7ejqqa2jbhan3h6p8w8rsvb3swh0f9bg8xwv7q3gey65q6tn03btedyv0zreye6cqcfnmsp0et1f4k07rsw2a21gncqtd3zaj205mhaqshvvd7xedfd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%26num%3D1%26sig%3DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: 87EA2D11D49941A39845BC3F73AC5265
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A904BA54FB46330DD3A51214F9052707
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: A3C6EC8A80069F2954924BD5B4F8B889
Requests: 1 HTTP requests in this frame

Frame: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 89542916076679F9D8978E6A67189B8A
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 5466F0E8A6EC0459E389F0F1A92149A6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 51911C403DBAAA3433AAECE37E0DBCCF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 2A7C37066DF75CC02F012D14E90E702B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 2732140FDDAFFDF09FC165E11F64DC11
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 15EB7CD66EF816B8B53B1F0B71F1ADCA
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 1BAE7A63CE89C3C2C8CC5428CCDB136E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: EFBCAD154B41CCB4DB970A61285C3EFF
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hdjme2qwrk1y1j85brqw0kneghnv8g6tq3d8x01d1cgaj8qkbjvf6cs4z7f3sk4jy9h58qmm10xnd1ja2jn3y8sst4jqa7smdqgsh4vj36fhpaqhree0h2tr7jjkq1deb63tx15qdx5wnvnd98rr3rebn54yn7cqfrpstr4tzgm9b810wx9bpjvbam7861832xd2hbd9rvmwnvmy86aqnfdhtfk6njzmq68y11vrzqfy58gks6r3c7tekv6z2a9rx2e7nedyjae0afbyt81c01qa9ryvvvazfy2atff9k2b0k897z0ddb2q5cdbfpge369cj079b1bgjs9m6v1r7r8x7tvjrx1sdpsdrhpxakwe0e4vg491sh0hezs53zjjsyt3t3bn2vhxncscej2nb5y1zy33ncwqsvvsr459t867a989wq3z3w817n6nqjh8ab3mc0v6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%26num%3D1%26sig%3DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%26client%3Dca-pub-8737793389671535%26adurl%3D
Frame ID: C1A1D8ABD1BD18DC25964B10FB3244BB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B2BF548D6618CA07427EA7C536FB7FE3
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=0795b19f7aa8586d55b3a66b5f59ba07%2F7760633811250529273&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjtva3bs5ne7w2t1ay7k7485950w6cycetaxhmm1skshr0vmr8qxrjwm0khq7n0k2rj2pahjqf2frnpbm7w7y0b2d0dr3fktzkk36v0qenm64d2x6yq2xwsct65js4p6tckc9a9ny01x22s0pb190w6hh5yvq0cezgaw6xc9wvffmqhe49m6wk4yv6z9tc7n88wq51tnp3mmagdd9ghw907qw998afp0grgmq281yx07mjttdkj5a6xvc63qkqejp2wzv7st9yhr7vda61g5cst%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: 4FD324B825C128121F966C5F6F947829
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019&b=Rx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=50&e=&g=8c6452da297663b6e2690788bbc887d2%2F5576148969009994260&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124068&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hawzpj54exkcbkrc9m4rtwx3xxfdc5jt57ha2yqbssnndchkwncb2vdd08rmzqvmfqqmfybchsn5nd233x40ehnc6e7tkwcwj1a6q1m5hwkfr88q0qncr8qgf4cns3fbzpbwg8snnep0zxftj8fy2f96dbtbj6cv5fhd8qejc34rq9ax75nq7g8540thntkjd51m7600pc9davtceecp802m7ep01a7c64eb5409xa02xceyn9ykx17wykz4s4r61g14y6pjymnjx6th83vg61h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: DAD61C1DAEAA47ECF78DD71800D9EC3D
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=320&d=50&e=&g=ca6cf9288b5ffa853a40754ddc07265b%2F17633747351325930973&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124072&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr2scez6rxe1adtasmt78cdtybmnj45cad7je9jxcxq9x2az4cm2b0ftwweec05j9banxtbrssvw4j1bk8t98ex83qw11hkxv8mycgfv9c26rcxexg7khj73274rn5fq330mpyt4q45qm9fda9t1h0trk99d7534ynq4fc94y3r58d935kaxmcxebbq6gpcjxjpgb5wfnrz82b8gfrjbm6w1k7jy1sthmr7e2dn2hep1tydqgkk6c5sfgveth9w4hsxqkw2akkdj7kksc3bg7jv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: 78476BB2BAECD4837F192904C0939695
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: 9F1205EC10FD6FEA45164155379A4D5F
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 00C4FEA395ACBC8366A6B23C4B625841
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=d732031732cbe6f4eec8fca0374bebe8%2F15050855953402232539&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j353jxc9qrz19cf1s2ex4jywzkpzk5d1txg60d9wtrb4wjwarpkcstk0jfbma5k0bakh2m1yh1mt1k6dnabyey6c3g1pvfyfpeydt2t0vgdtp43k0ahx99jr7kzhkrn9d3qnwr7de9d1j5f0wh55m701492q8h8jeth3v4a67qhjtk008vjq7wn4c3qygb5034z82shekcxxq36mrn28sheqkbxkaxa08m1tmq0496zhq4z8bsj1mrv300436pd0dkmavt2nm5z8x8njqkdcyh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: 8815D4862167B0E789B3FED548924E35
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19491&b=EjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5&f=ADYaYfqf7JdtAHRH4tMCMMGsRS4TRrAH3JMm&c=300&d=50&e=&g=f1811c35ca41d34fd65ae3a475b0e4e5%2F9585655961760570765&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h6aemsdhc4kk1s4jngmaf3wakmv8zv0jhczy80hd8egmcqzxjdd6s018fxx57a29swsk2fjzb4sp7pnabxzz77zdr8bqzfmvcvjwdxwfmcasc30arfqc0rqmv1c0xft6979x91y7pktcht9x3kyqmnmg0pnmg2qs6x5nf8a9xjmt8pjjqvkk0gn1kcaw4nmz8p0htrya5pqy6d7p6y0cykpzfme8871m06f8axhq4gwjr3nnvvhmkqsmb0jp0qe440ky656k3b0yfdvzw133vx3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: 3819189DEF3E2D4B89A59D61D8C4347A
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=199445&b=Rx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=QxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=300&d=50&e=&g=7b4ad5b854ff9ef9bb7978ced8ef2386%2F8179706762366311116&i=30890&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124123&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwgbhy018eewg53ten630360e4zn7cs19hb9rmxrqr5vfmdvqkhy6bn0gp7d9685etm8yza3a49bprebt9wxkwpwwadbms812dbwab72c3ejbm4qr98vn3gdxbdkcrns684gwwywth290qmbfkweqpq9jdh7y4m3nx3kq9a0b4s26rbdq6rc18jpdxcxgdahmtm2g53c9xxbfbfspg3m00ne69g3gf9dskgvtd2mgpefrffvyqhxemeghakwds27q4kscbh04e77b7zf9jrje3s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: 6571E873B2AC819AC100F39F74997221
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: 5E8C6B7FA18E0569F4D2E0D11F09FE34
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=9bebf31ccf8e26ddff68d7a51cc1fd13%2F13672119027642775347&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124273&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5prascqfywdpt0z48wb5frb6gfk04f4yr821nyb04jdrcjse6k24xa3v4kt6k0jcmkhdn2gd4jvb2y93s6q3q1s8wna9fyere8c9vtgnmfj33s99by27rh0949x4cp8hnhag1cpp5aan8xzdeyyeps3m8ktcb8h44xy4vt1r71hkesf9s1x5h3kh2r40tgfcta40npv0r36dq3fbw1bbv43qnt1t0v0xx5dr9xpda4c50wwtxr3x8ekwtm2e0e0df9bryjnf1wmfsqvav4e625%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%2526num%253D1%2526sig%253DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Frame ID: DA0178FAD5E9DEEF865971E6BA5F08E1
Requests: 5 HTTP requests in this frame

Frame: https://www.eprimo.de/postview?hp=8000001991&pvid=65a99744141e30d18afb40f5&gdpr=0&gdpr_consent=&gdpr_pd=0
Frame ID: 48ACE93423DADE3E5A30DBFFE42C3035
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

50-Pips a Day Forex Strategy – Forexone Alghtas

Page URL History Show full URLs

https://short-jambo.ink/CFx1GV8K HTTP 302
https://forexone.alghtas.xyz/?cdf_ghjk=CFx1GV8K HTTP 307
https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

455
Requests

84 %
HTTPS

42 %
IPv6

60
Domains

71
Subdomains

50
IPs

10
Countries

4356 kB
Transfer

12445 kB
Size

60
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://mhma12.tech/
Title: Devloped By Youssef Sayed

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://short-jambo.ink/CFx1GV8K HTTP 302
https://forexone.alghtas.xyz/?cdf_ghjk=CFx1GV8K HTTP 307
https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js HTTP 302
https://unpkg.com/just-detect-adblock@1.1.0/dist/bundle.umd.js

Request Chain 89

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGe2z5xjWouKPCbB5_rDwac&google_cver=1&google_push=AXcoOmR4W-dSHPijDPfXSFQK24RcP3OK1Yjx0BtqzKcYuISO7rrH9CTFaHFr1UHPNgpDsBuut5sk7jHFuJWibocxsEYwNrWYXkv9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR4W-dSHPijDPfXSFQK24RcP3OK1Yjx0BtqzKcYuISO7rrH9CTFaHFr1UHPNgpDsBuut5sk7jHFuJWibocxsEYwNrWYXkv9&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

Request Chain 91

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELDOLHanQMdEC-Ak-gMsEX0&google_cver=1&google_push=AXcoOmQKtfpejY6hq-YJA0qcffMAbozsLwlDiWbYuq4rYDH_9jMwvGqYasEQ__uPw7lT1mDzwNLEJOLgNLHx8o1TFKRIL8GNwdhk HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQKtfpejY6hq-YJA0qcffMAbozsLwlDiWbYuq4rYDH_9jMwvGqYasEQ__uPw7lT1mDzwNLEJOLgNLHx8o1TFKRIL8GNwdhk&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1705613123093 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b602f861-db43-4b8f-ab75-6be300187185-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQKtfpejY6hq-YJA0qcffMAbozsLwlDiWbYuq4rYDH_9jMwvGqYasEQ__uPw7lT1mDzwNLEJOLgNLHx8o1TFKRIL8GNwdhk%26google_hm%3DA7YC-GHbQ0uPq3Vr4wAYcYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQKtfpejY6hq-YJA0qcffMAbozsLwlDiWbYuq4rYDH_9jMwvGqYasEQ__uPw7lT1mDzwNLEJOLgNLHx8o1TFKRIL8GNwdhk&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

Request Chain 92

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAbLNg_MflEEffMrwLwCcjk&google_cver=1&google_push=AXcoOmSlURIfs31RaDFDY7zSi8Oi0yEkFmpaSiHqqpwQS6pJUXFqXe4971FRZw4QToVRYDjNrlBgQCUxKW4Qord_tOvIV5Z624Y HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSlURIfs31RaDFDY7zSi8Oi0yEkFmpaSiHqqpwQS6pJUXFqXe4971FRZw4QToVRYDjNrlBgQCUxKW4Qord_tOvIV5Z624Y&google_gid=CAESEAbLNg_MflEEffMrwLwCcjk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmSlURIfs31RaDFDY7zSi8Oi0yEkFmpaSiHqqpwQS6pJUXFqXe4971FRZw4QToVRYDjNrlBgQCUxKW4Qord_tOvIV5Z624Y

Request Chain 93

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESENon6fUiWoIVOmAIryvf0kI&google_cver=1&google_push=AXcoOmTWFBh8SEZn4WLttBZpi_DNH3KbDviTbmfrWFXzht-V1mzVCoBM4d13WEJ9_LJiZkv9mjiRD2Ez0yd_UGSYqbUv8FXkN2OIAQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=72985f67-0d94-46b6-93f3-2ef826fd1493&google_cver=1&google_gid=CAESENon6fUiWoIVOmAIryvf0kI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTWFBh8SEZn4WLttBZpi_DNH3KbDviTbmfrWFXzht-V1mzVCoBM4d13WEJ9_LJiZkv9mjiRD2Ez0yd_UGSYqbUv8FXkN2OIAQ&gdpr=${GDPR}

Request Chain 112

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEuQQkGH5TGJUkWHX3UDTP8&google_cver=1&google_push=AXcoOmR1r4jhZn47gN8O7gKD0RBcZX1HqVlowoC2UmQrhYjux5qHF4We0lMwxwEDahMSUkv_GAgM5uezlGUn4Pzt1XTiOI_LXvvK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmR1r4jhZn47gN8O7gKD0RBcZX1HqVlowoC2UmQrhYjux5qHF4We0lMwxwEDahMSUkv_GAgM5uezlGUn4Pzt1XTiOI_LXvvK

Request Chain 113

https://d5p.de17a.com/cookies/google?google_gid=CAESEF_1MggCnfVh9mDZOD_n8RQ&google_cver=1&google_push=AXcoOmRuQGq2v3dYUR_6kTT7R4lJ6upWSpERWE6G6n65YyiLeOEqCflVO8yMh5oIW779AfoOUNFPLkPuFyh_N1Z7n-ut_mBGa9s9 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEF_1MggCnfVh9mDZOD_n8RQ&google_cver=1&google_push=AXcoOmRuQGq2v3dYUR_6kTT7R4lJ6upWSpERWE6G6n65YyiLeOEqCflVO8yMh5oIW779AfoOUNFPLkPuFyh_N1Z7n-ut_mBGa9s9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRuQGq2v3dYUR_6kTT7R4lJ6upWSpERWE6G6n65YyiLeOEqCflVO8yMh5oIW779AfoOUNFPLkPuFyh_N1Z7n-ut_mBGa9s9

Request Chain 114

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPOaCkUWrCTP7Qqh-C2zcuE&google_cver=1&google_push=AXcoOmSJ_AEpDdfnIH6pP9Ud0ZSUGsMAmcip3MZEIid5dZ-VyvXeZiFni8Gp-PerMTMaM4qceOBTbrQwF5vKtOSXSEOAXbM3Upgp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLUkktMTItTDZEQQ==&google_push=AXcoOmSJ_AEpDdfnIH6pP9Ud0ZSUGsMAmcip3MZEIid5dZ-VyvXeZiFni8Gp-PerMTMaM4qceOBTbrQwF5vKtOSXSEOAXbM3Upgp

Request Chain 115

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENxJXqfCSbRAUB--9lWnqH0&google_cver=1&google_push=AXcoOmT1xXwoYTJswCE2k4db46tgSZMOPB9K8Vu3GmDb8PeQMxUyEKLo637QkZ8CG81AEg6EOicRvCg7NltGaPHHinIY9OmHAzJB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENxJXqfCSbRAUB--9lWnqH0&google_push=AXcoOmT1xXwoYTJswCE2k4db46tgSZMOPB9K8Vu3GmDb8PeQMxUyEKLo637QkZ8CG81AEg6EOicRvCg7NltGaPHHinIY9OmHAzJB&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENxJXqfCSbRAUB--9lWnqH0&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmT1xXwoYTJswCE2k4db46tgSZMOPB9K8Vu3GmDb8PeQMxUyEKLo637QkZ8CG81AEg6EOicRvCg7NltGaPHHinIY9OmHAzJB

Request Chain 116

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMiXPWLDI5d8j13SdVuzSLQ&google_cver=1&google_push=AXcoOmR-7ei_NM7vCvgvPH0oLqAUJ-7yelFEi02x2jsLPAljNHDxhclA9nNTVFMd64viO2PZz2godRnd0lF6QzSMZUKqDlz7gQWBXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-7ei_NM7vCvgvPH0oLqAUJ-7yelFEi02x2jsLPAljNHDxhclA9nNTVFMd64viO2PZz2godRnd0lF6QzSMZUKqDlz7gQWBXg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 167

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 168

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAy3By481vb1E-WOTR1BpSQ&google_cver=1&google_push=AXcoOmRxgQw7L2A0ElKdr470CeGafVjWBCvEbjybYx3DvGfoxoY8zHF9_M9Rd_a6e_aBUz-5pQTU-QavtJmlXB4_elI11ZYQX20S HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRxgQw7L2A0ElKdr470CeGafVjWBCvEbjybYx3DvGfoxoY8zHF9_M9Rd_a6e_aBUz-5pQTU-QavtJmlXB4_elI11ZYQX20S&google_hm=hmWpl0NS2v1X277rKQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65A9974352DAFD57DBBEEB29BLIS

Request Chain 169

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBBtuU_dS5Hx51yzRcE1HE0&google_cver=1&google_push=AXcoOmQe8dKe2mawOy5_8WvhoLjBoM_9tVhIKKH-UY0PR9cBVQqzIRb_JcH8Gwa7IEcVvSepILz77J2_418o4ockKW7ZL5qs1a8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmQe8dKe2mawOy5_8WvhoLjBoM_9tVhIKKH-UY0PR9cBVQqzIRb_JcH8Gwa7IEcVvSepILz77J2_418o4ockKW7ZL5qs1a8s

Request Chain 170

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmSpTuV93mKssat1T5IkmhDOY4RD_0nVIViyK0_yRZoCpAfrSh4zjYvZ9SzLx5em2flUf5Tvo-XGpz8LzF3pilc7bSl5If-Y HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmSpTuV93mKssat1T5IkmhDOY4RD_0nVIViyK0_yRZoCpAfrSh4zjYvZ9SzLx5em2flUf5Tvo-XGpz8LzF3pilc7bSl5If-Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU3NjQ1MzY3ODUwNDMxMzk1NA&google_push=AXcoOmSpTuV93mKssat1T5IkmhDOY4RD_0nVIViyK0_yRZoCpAfrSh4zjYvZ9SzLx5em2flUf5Tvo-XGpz8LzF3pilc7bSl5If-Y

Request Chain 171

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOOLl4HdO6wk_HBVHDQL7mI&google_cver=1&google_push=AXcoOmTJLmHhO2kIm1ZNkdwezKrzWG47tezQJ-VPqvJS3onLLHaVcuZpTHWgOTOdeiPJw7fm9Xw_YMvP3k7tB6epEoQPOP14I4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLWEctMVctR0Y3VA==&google_push=AXcoOmTJLmHhO2kIm1ZNkdwezKrzWG47tezQJ-VPqvJS3onLLHaVcuZpTHWgOTOdeiPJw7fm9Xw_YMvP3k7tB6epEoQPOP14I4Q

Request Chain 172

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_cver=1&google_push=AXcoOmSv2Gj4fJmzrlTyg1YNWOvT8VKQHoUcVbauY7TPcJpjeHLo3i_eI8oH_8IOhajuGrZzeay37lAvgyEUq9DgwyLYAiqnYtPs HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmSv2Gj4fJmzrlTyg1YNWOvT8VKQHoUcVbauY7TPcJpjeHLo3i_eI8oH_8IOhajuGrZzeay37lAvgyEUq9DgwyLYAiqnYtPs

Request Chain 191

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEERuGjBsDvuRcJkVPRqLHjQ&google_cver=1&google_push=AXcoOmQlPwht8TNEpyk6aQJyRew1_y1-u-ZWQwDgmKlYv1ZQ5d-3f58UUC5ykbxBLrfqqiFUl-8CkHD2mLAluXtQRZvFoj2zvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQlPwht8TNEpyk6aQJyRew1_y1-u-ZWQwDgmKlYv1ZQ5d-3f58UUC5ykbxBLrfqqiFUl-8CkHD2mLAluXtQRZvFoj2zvQ&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

Request Chain 194

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOOLl4HdO6wk_HBVHDQL7mI&google_cver=1&google_push=AXcoOmTond2HQ0cvAZezObWCDcXGM2p356VoOj0sdc3Bop0wrIR4wfMTsJGstcvpCnBd69s5_tgXnolHtfWKBSi3od41pbydew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLWVItVS0xS1Fa&google_push=AXcoOmTond2HQ0cvAZezObWCDcXGM2p356VoOj0sdc3Bop0wrIR4wfMTsJGstcvpCnBd69s5_tgXnolHtfWKBSi3od41pbydew

Request Chain 195

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED2DOWHjVfeI3pmI13jmFC8&google_cver=1&google_push=AXcoOmQS_UUKObczfCJ7_6l9-bIcYtQir0j_3E2yqINl6Funwq28xdGMqHH8ARXtR7ATZPofAaBrRTBooXivb7oxSeBt7cXmF1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmQS_UUKObczfCJ7_6l9-bIcYtQir0j_3E2yqINl6Funwq28xdGMqHH8ARXtR7ATZPofAaBrRTBooXivb7oxSeBt7cXmF1s

Request Chain 196

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDClDqMGQj27EjQUuG4aV7E&google_cver=1&google_push=AXcoOmQrbsWIl0ptHZWFLnGJag-niB62S8osr5EOHLwtqcyenMgt10NdOHUcOAnVBJe9PCb5ygyAP81GoEGIrQMoZZmS5xiooTKv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQrbsWIl0ptHZWFLnGJag-niB62S8osr5EOHLwtqcyenMgt10NdOHUcOAnVBJe9PCb5ygyAP81GoEGIrQMoZZmS5xiooTKv HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_cver=1&google_push=AXcoOmSbuAw747GZbDI8-5YBs090Bx9yLeVV3s9tIX6E-iRcktuFx0xG1m06PalciNsJkqIC5xiA7ch1ioiCzz_YeMNZtkY8sVpf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_push=AXcoOmSbuAw747GZbDI8-5YBs090Bx9yLeVV3s9tIX6E-iRcktuFx0xG1m06PalciNsJkqIC5xiA7ch1ioiCzz_YeMNZtkY8sVpf

Request Chain 200

https://um.simpli.fi/gp_match?google_gid=CAESEM7lxsAL1oSQsAxMklFmW9U&google_cver=1&google_push=AXcoOmQRU2Lqh8F2KqNVucZ2CyCRyHvjHGigRRKmnAQogsb_HYTzSF9vaRrgjyx6RsozHXGudlaVCSjBSbh_5OE90P4_7g-H01Puzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F20DEAF8D8DC4AA0B83A8CC34A47602A&google_push=AXcoOmQRU2Lqh8F2KqNVucZ2CyCRyHvjHGigRRKmnAQogsb_HYTzSF9vaRrgjyx6RsozHXGudlaVCSjBSbh_5OE90P4_7g-H01Puzw

Request Chain 202

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmQ92uSWt2EAxJf0NhP7eLlh8GAwAF9ESIl_GgoLi3EP9mS6sR82jWgNbrJLEsj-FInKo-lO_iEbNdiRTtkBZUdD3PKx5Jx1Qw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmQ92uSWt2EAxJf0NhP7eLlh8GAwAF9ESIl_GgoLi3EP9mS6sR82jWgNbrJLEsj-FInKo-lO_iEbNdiRTtkBZUdD3PKx5Jx1Qw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmQ92uSWt2EAxJf0NhP7eLlh8GAwAF9ESIl_GgoLi3EP9mS6sR82jWgNbrJLEsj-FInKo-lO_iEbNdiRTtkBZUdD3PKx5Jx1Qw

Request Chain 268

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTb1kuHOz3F3KAL7WSqMB5mLuCe7azQPQWX6S2zllS3BQMUq8SIgVXx1hNyaA5-YZH37yvkmjg_lr6pCLjahi81O3ISTx5czg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTb1kuHOz3F3KAL7WSqMB5mLuCe7azQPQWX6S2zllS3BQMUq8SIgVXx1hNyaA5-YZH37yvkmjg_lr6pCLjahi81O3ISTx5czg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sk5rc2xKMmQxUnF6VDU1&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTb1kuHOz3F3KAL7WSqMB5mLuCe7azQPQWX6S2zllS3BQMUq8SIgVXx1hNyaA5-YZH37yvkmjg_lr6pCLjahi81O3ISTx5czg

Request Chain 269

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEERuGjBsDvuRcJkVPRqLHjQ&google_cver=1&google_push=AXcoOmRxZ6QTsNv6gZcBTB255sZ3A4NYoozZTbi9aH95AgX9xIfw5R0j2YRRWkzS9gV4HOoDH2NwrDmaXC8YgZm4p9kjVRZYWdhnMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRxZ6QTsNv6gZcBTB255sZ3A4NYoozZTbi9aH95AgX9xIfw5R0j2YRRWkzS9gV4HOoDH2NwrDmaXC8YgZm4p9kjVRZYWdhnMQ&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

Request Chain 271

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmRR24mNH9vQirmxzX1ZhIYfJRB1QM3SYVQrqm5k9EWqBIhcbBvlStuBZxYcV2HIWI-vmU0kWPhOHdtgRJ2QZsXDjo1VFMjl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmRR24mNH9vQirmxzX1ZhIYfJRB1QM3SYVQrqm5k9EWqBIhcbBvlStuBZxYcV2HIWI-vmU0kWPhOHdtgRJ2QZsXDjo1VFMjl

Request Chain 273

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB0TfIN8eWoccHj83rnLB6U&google_cver=1&google_push=AXcoOmSUeX1H4Y_tJD2-katopFIt-YUEMxP_oebFksT2I3yCGQJ3jaYN5uFthim2EWlcHbMSpMHDz4JbPJ0utFI-XFR2NZJmhxHy2A HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b602f861-db43-4b8f-ab75-6be300187185-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSUeX1H4Y_tJD2-katopFIt-YUEMxP_oebFksT2I3yCGQJ3jaYN5uFthim2EWlcHbMSpMHDz4JbPJ0utFI-XFR2NZJmhxHy2A%26google_hm%3DA7YC-GHbQ0uPq3Vr4wAYcYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUeX1H4Y_tJD2-katopFIt-YUEMxP_oebFksT2I3yCGQJ3jaYN5uFthim2EWlcHbMSpMHDz4JbPJ0utFI-XFR2NZJmhxHy2A&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

Request Chain 274

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDClDqMGQj27EjQUuG4aV7E&google_cver=1&google_push=AXcoOmTIfMjQBTHSJu_h4VSFbenxFnwZouNzAdpFOfro6VyDiTDBXqqLk2XGhQCIz9ecSDf2oOdqXcCyfw3aIIw86XnF7Of2rJ-ALMI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTIfMjQBTHSJu_h4VSFbenxFnwZouNzAdpFOfro6VyDiTDBXqqLk2XGhQCIz9ecSDf2oOdqXcCyfw3aIIw86XnF7Of2rJ-ALMI HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 276

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFj4FlBtx1fMzOpc2BjyNWA&google_cver=1&google_push=AXcoOmTo4H69pI6jdgQ8KYHCWG3yxZPJW5KASwV9aEa0c3z7PS7sJudbCET-QqXRh8ZMdsFV3LdkH-OzcKn-JyxJEkCqizn2Wq9MMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ3NjE5NDU5NjU5NzAzNzU0MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbNVRoPiJq9ZqSRkUndQ4E&google_cver=1

Request Chain 278

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECWT-EZbh5wPFGQbKP0VhDw&google_cver=1&google_push=AXcoOmQJTqkY2N2zrzDFotNfja9ctjwhuIn-uMFfBQN5eZKsup998TDC2sFr85dWmF4xQasbSJZHRIJ2kBmpfu-pvlaMkk-lIT-RkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJTqkY2N2zrzDFotNfja9ctjwhuIn-uMFfBQN5eZKsup998TDC2sFr85dWmF4xQasbSJZHRIJ2kBmpfu-pvlaMkk-lIT-RkA&google_hm=eS1tREVzSF90RTJwSGJVSDRrZEp4dHdMT2JaUjYzeXdFSX5B

Request Chain 280

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-SGE3-_nj4hViS3NvAMNk&google_cver=1&google_push=AXcoOmT4jPsrcD0wI0ibJfLtEIZCbYpRyLst-KWvLon7OxZI1y1Ayq0Q-6kXQJVHw0og-C-rf0YXtoiR1l5Me-kdgawzAtoZaLWlBw HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-SGE3-_nj4hViS3NvAMNk&google_cver=1&google_push=AXcoOmT4jPsrcD0wI0ibJfLtEIZCbYpRyLst-KWvLon7OxZI1y1Ayq0Q-6kXQJVHw0og-C-rf0YXtoiR1l5Me-kdgawzAtoZaLWlBw&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT4jPsrcD0wI0ibJfLtEIZCbYpRyLst-KWvLon7OxZI1y1Ayq0Q-6kXQJVHw0og-C-rf0YXtoiR1l5Me-kdgawzAtoZaLWlBw&google_hm=IA5FAGZHC1Scwzr8SSeSqMQm

Request Chain 281

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDClDqMGQj27EjQUuG4aV7E&google_cver=1&google_push=AXcoOmQRsRiQ8sbQuFylqHZ7my_t5YqNtr-3ThbbHFkAszPj-P3PaI1kGbZt65QpwvBRyCEIL0AUAxMtcycZoEYJzIZCvC1IGdyY5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQRsRiQ8sbQuFylqHZ7my_t5YqNtr-3ThbbHFkAszPj-P3PaI1kGbZt65QpwvBRyCEIL0AUAxMtcycZoEYJzIZCvC1IGdyY5g

Request Chain 282

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB0TfIN8eWoccHj83rnLB6U&google_cver=1&google_push=AXcoOmQJXaVGmAo4PMJvbaCa6Le4-RVt_0JQ0wETHYfJo-0fOBVEnH-oYp_UybzogGz_lD8_vhaEDTkVqEE5SvFp3InJXlW7xInpAg HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b602f861-db43-4b8f-ab75-6be300187185-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQJXaVGmAo4PMJvbaCa6Le4-RVt_0JQ0wETHYfJo-0fOBVEnH-oYp_UybzogGz_lD8_vhaEDTkVqEE5SvFp3InJXlW7xInpAg%26google_hm%3DA7YC-GHbQ0uPq3Vr4wAYcYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQJXaVGmAo4PMJvbaCa6Le4-RVt_0JQ0wETHYfJo-0fOBVEnH-oYp_UybzogGz_lD8_vhaEDTkVqEE5SvFp3InJXlW7xInpAg&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

Request Chain 284

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFj4FlBtx1fMzOpc2BjyNWA&google_cver=1&google_push=AXcoOmQsuNXC_m7yCyNo8z-ufMk3iEBt5Or2DcJPYcl3XDq7tJVfXOkuh3-2aiKY7VXbQpFNXX4faKLSm5dRQ8QgZWx7BawVaSSp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU0ODI1MjE5MDYzNDk2NTQ3Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbNVRoPiJq9ZqSRkUndQ4E&google_cver=1

Request Chain 285

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_cver=1&google_push=AXcoOmQ5Q5a6oIRsz1rtYoxcZf5IvVo9iYWp0Wt7k9ztntQ86VX4E07EAy_Dh_GkSJ2ARooTeyzY9yNrStYN2qbx4qoTEliZCKk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_push=AXcoOmQ5Q5a6oIRsz1rtYoxcZf5IvVo9iYWp0Wt7k9ztntQ86VX4E07EAy_Dh_GkSJ2ARooTeyzY9yNrStYN2qbx4qoTEliZCKk

Request Chain 286

https://um.simpli.fi/gp_match?google_gid=CAESEM7lxsAL1oSQsAxMklFmW9U&google_cver=1&google_push=AXcoOmTpIiOvm0G66qZjcgtgE045-YZo_jWMQtsIG3ifG0vZtJCBc1a5gyvofm_aSNnOKDnVdRyHsvBBdEYE2MW3R_NK1sUpQYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F20DEAF8D8DC4AA0B83A8CC34A47602A&google_push=AXcoOmTpIiOvm0G66qZjcgtgE045-YZo_jWMQtsIG3ifG0vZtJCBc1a5gyvofm_aSNnOKDnVdRyHsvBBdEYE2MW3R_NK1sUpQYg

Request Chain 288

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmSHbM5MuWviLddUHE-P1RW_VzMXfqrru1su9OsxKkm0M9XVnoJPLAemiqL6xHB-fuSP07lWvGptP9fI8e2bmflWlx2w9QTh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmSHbM5MuWviLddUHE-P1RW_VzMXfqrru1su9OsxKkm0M9XVnoJPLAemiqL6xHB-fuSP07lWvGptP9fI8e2bmflWlx2w9QTh

Request Chain 290

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-SGE3-_nj4hViS3NvAMNk&google_cver=1&google_push=AXcoOmT6CV70191ALG9joir_JMo7yWWaaZOGSlGrluIQG2m8BrF0EmM4PW9eFIq0tfroC3hCxaZ2N2EvXZvJ9Q1aMoFUg0dS8z2w HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-SGE3-_nj4hViS3NvAMNk&google_cver=1&google_push=AXcoOmT6CV70191ALG9joir_JMo7yWWaaZOGSlGrluIQG2m8BrF0EmM4PW9eFIq0tfroC3hCxaZ2N2EvXZvJ9Q1aMoFUg0dS8z2w&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT6CV70191ALG9joir_JMo7yWWaaZOGSlGrluIQG2m8BrF0EmM4PW9eFIq0tfroC3hCxaZ2N2EvXZvJ9Q1aMoFUg0dS8z2w&google_hm=IA5FAGZHC1Scwzr8SSeSqMQm

Request Chain 293

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0lj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0lj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0lj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0lj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 294

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEERuGjBsDvuRcJkVPRqLHjQ&google_cver=1&google_push=AXcoOmRe8KgeuA200K6ctjYNiFeHyQa4MRagFS130MQneLwRLkK82ADcdE7Xv16mSDTpel1I0M8goILnEGE20XfwfQv43r5rUfo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRe8KgeuA200K6ctjYNiFeHyQa4MRagFS130MQneLwRLkK82ADcdE7Xv16mSDTpel1I0M8goILnEGE20XfwfQv43r5rUfo&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

Request Chain 296

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_cver=1&google_push=AXcoOmQCLScv1x8zsKHga19Go2ct9mb8qQNP9ZCdeT8qB2dj-ijoC2CtUWFeFE8tb7cNJ_R9njQymhn0pK2j_nXQqJ0JV9naPw8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmQCLScv1x8zsKHga19Go2ct9mb8qQNP9ZCdeT8qB2dj-ijoC2CtUWFeFE8tb7cNJ_R9njQymhn0pK2j_nXQqJ0JV9naPw8

Request Chain 297

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED2DOWHjVfeI3pmI13jmFC8&google_cver=1&google_push=AXcoOmRnYoqqgQCGh1POR_WDdqiHJ7JK5HgGayIG3CNliX4Lp8Y2Zxs3FqMhhCxFqU0fM52D_uCj9Y-s-JgIfsipfzm1PTrvnlu4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmRnYoqqgQCGh1POR_WDdqiHJ7JK5HgGayIG3CNliX4Lp8Y2Zxs3FqMhhCxFqU0fM52D_uCj9Y-s-JgIfsipfzm1PTrvnlu4

Request Chain 306

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTiWfb6HdOGOvneS4D6GNw0VVAzDQwFdULpajcINtV1Uq3cfRZ6N9hBzcDIBpwUlqb5UfnS4rIsW_I0M0b6DGS6zji2jE0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTiWfb6HdOGOvneS4D6GNw0VVAzDQwFdULpajcINtV1Uq3cfRZ6N9hBzcDIBpwUlqb5UfnS4rIsW_I0M0b6DGS6zji2jE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnluVTVvQ1AxUnF6VDU1&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTiWfb6HdOGOvneS4D6GNw0VVAzDQwFdULpajcINtV1Uq3cfRZ6N9hBzcDIBpwUlqb5UfnS4rIsW_I0M0b6DGS6zji2jE0

Request Chain 309

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDClDqMGQj27EjQUuG4aV7E&google_cver=1&google_push=AXcoOmRm6QFLHZb1X3Wli_OwkH2epsF-FHR3c_P_sPh6ItPeFD0K0ykFFe4yEub3HJFO-kY3xO1RLps8hm6awn7tK9LYRk3Exg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRm6QFLHZb1X3Wli_OwkH2epsF-FHR3c_P_sPh6ItPeFD0K0ykFFe4yEub3HJFO-kY3xO1RLps8hm6awn7tK9LYRk3Exg

Request Chain 310

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB0TfIN8eWoccHj83rnLB6U&google_cver=1&google_push=AXcoOmSV8ejLA9e5WmzilJLNT0iJgPkeRI3dLUlkbeRJWHsGOp3mtKIMabDxo3PZ8c9vukvF0Ss6MPEgPwnIvAa63XshALhMXMU HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b602f861-db43-4b8f-ab75-6be300187185-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSV8ejLA9e5WmzilJLNT0iJgPkeRI3dLUlkbeRJWHsGOp3mtKIMabDxo3PZ8c9vukvF0Ss6MPEgPwnIvAa63XshALhMXMU%26google_hm%3DA7YC-GHbQ0uPq3Vr4wAYcYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSV8ejLA9e5WmzilJLNT0iJgPkeRI3dLUlkbeRJWHsGOp3mtKIMabDxo3PZ8c9vukvF0Ss6MPEgPwnIvAa63XshALhMXMU&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

Request Chain 311

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED2DOWHjVfeI3pmI13jmFC8&google_cver=1&google_push=AXcoOmQMWxpFlL-ryv_n84iarS-BGnxo70C_oBQxHgvQcvpY_36EzDaFgBtmkwrr6ezpBYO0Bt9pPKfWr4wQbCcigyzFH7YbfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmQMWxpFlL-ryv_n84iarS-BGnxo70C_oBQxHgvQcvpY_36EzDaFgBtmkwrr6ezpBYO0Bt9pPKfWr4wQbCcigyzFH7YbfA

Request Chain 318

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIBe2-tSFeKCqoL_S8mjwrQ&google_cver=1&google_push=AXcoOmS9qiEJPWkrQDZv69DpqRTLykr3t4Zkjd6JHvSycsdpWF0A_EARzqaUVTQksPJEaKyR0_LidCN48u_g48hqAzmh16QjFWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmS9qiEJPWkrQDZv69DpqRTLykr3t4Zkjd6JHvSycsdpWF0A_EARzqaUVTQksPJEaKyR0_LidCN48u_g48hqAzmh16QjFWc

Request Chain 320

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGEAYCKuAV3s0r_BIGsldL0&google_cver=1&google_push=AXcoOmQxRuWeNBt-uesL9XhX4Wlr6ZvNcJGiXFEB1prshW0iXt_HnRLXUE0OSAS-6qX-7DwF7iwl2aeww7lql9E4NxslfylOyef9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGEAYCKuAV3s0r_BIGsldL0&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmQxRuWeNBt-uesL9XhX4Wlr6ZvNcJGiXFEB1prshW0iXt_HnRLXUE0OSAS-6qX-7DwF7iwl2aeww7lql9E4NxslfylOyef9

Request Chain 321

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECu1xQ81CDkXo3cx1j4QrTM&google_cver=1&google_push=AXcoOmRUHkW9GpRAvRLeMvhAkimttajnaKl1N-R4EOnHVLbdw5JtwjBCVv1H1xts6I-5AqqUbKML7zAaz6GHtLFEPsJlai3_Nag6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRUHkW9GpRAvRLeMvhAkimttajnaKl1N-R4EOnHVLbdw5JtwjBCVv1H1xts6I-5AqqUbKML7zAaz6GHtLFEPsJlai3_Nag6

Request Chain 381

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE01uxT7Wx5H7_16gsl_wMI&google_cver=1&google_push=AXcoOmQwFM0n0VFGRCVsUgp8YA_ZlXqgr40husK1-1cuGEL-semGpP2h9gQtZZuwJxeKR8IW2fG-xlul6nu1WXbc23xn74ckGAtvuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnluVTVvQ1AxUnF6VDU1&google_gid=CAESEE01uxT7Wx5H7_16gsl_wMI&google_cver=1&google_push=AXcoOmQwFM0n0VFGRCVsUgp8YA_ZlXqgr40husK1-1cuGEL-semGpP2h9gQtZZuwJxeKR8IW2fG-xlul6nu1WXbc23xn74ckGAtvuA

Request Chain 382

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDPdXl4vXFN3puGQbIXo9Do&google_cver=1&google_push=AXcoOmR0asWx8MOleqHM_qJQC440acl6LVYJsElDFZ4rHsJMiDAaYs3NRORnQpidwtq1QQx2r4bxK2xB-N3Afj3XTFGMHvsxlQBRnw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR0asWx8MOleqHM_qJQC440acl6LVYJsElDFZ4rHsJMiDAaYs3NRORnQpidwtq1QQx2r4bxK2xB-N3Afj3XTFGMHvsxlQBRnw&google_hm=eS1tREVzSF90RTJwSGJVSDRrZEp4dHdMT2JaUjYzeXdFSX5B

Request Chain 384

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENPIOG-jgjzIENIkthbOIKA&google_cver=1&google_push=AXcoOmStr9dF3WiTGm79-YBpI9nC9XVh6bPwkVypOlo0hvkkg3d-Di57_Sx_4S1JJDOMqaZzaTl3j_afRTV9VkumHhYBIl97uzMB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmStr9dF3WiTGm79-YBpI9nC9XVh6bPwkVypOlo0hvkkg3d-Di57_Sx_4S1JJDOMqaZzaTl3j_afRTV9VkumHhYBIl97uzMB

Request Chain 404

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1705613124_1781ff00-b648-11ee-9c4b-223173d2bc6e&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 419

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CI6yloPw54MDFZ2Agwcdi-wOOA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1705613124_178e0cf0-b648-11ee-94b4-2233c304522e

Request Chain 425

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COisloPw54MDFeLyEQgdv7sFRQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2024011822252492476356373X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0&spid=2024011822252492476356373X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&wfid=120211&partnerid=12218

Request Chain 429

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMKxloPw54MDFbs2VQgdqQsLTQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2024011822252492476356367X113752V1225131106MSviewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0

Request Chain 435

https://www.awin1.com/cshow.php?s=2527593&v=14063&q=365261&r=412871&pv=1&pref3=oneidRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.guenther.de/htlp?awc=14063_412871_1705613124_1781ff00-b648-11ee-86b5-22356fe9f584

Request Chain 439

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51poneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1705613124_17835e90-b648-11ee-8694-226555b1c0ac

455 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Redirect Chain

https://short-jambo.ink/CFx1GV8K
https://forexone.alghtas.xyz/?cdf_ghjk=CFx1GV8K
https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

259 KB
87 KB

459ms
459ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 430681306eafa87904d1712cc6f0a0365d5264e929c81c7d34f16c639752fc55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e8f09db66ae7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 21:25:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://forexone.alghtas.xyz/wp-json/>; rel="https://api.w.org/", <https://forexone.alghtas.xyz/wp-json/wp/v2/posts/19>; rel="alternate"; type="application/json", <https://forexone.alghtas.xyz/?p=19>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZknjxpCTB3RpnoUnwBgO4FFW6zE54kdrM3Eram%2B6IquiFTxjJbaU1MvhAyqVF%2Bp0Uj1VTzOSLIIzix5LTe06XZaRulHoU2sY%2FIIK9y00tUTKalmivV41HBUWncwyuxjldN0VRJsFHPgx7NIsEYsN9q2sA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e8ec99956ae7-FRA
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 21:25:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://forexone.alghtas.xyz/wp-json/>; rel="https://api.w.org/"
location: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzDh0fnzMcU7u2PQ5x9860nNSDriGnc%2F8JpSZVBSQs2nByAuM5j%2FfJwvs72xgARNF9wcEIRCNmZyZINY%2B1Hdi2WgcXRdXY11JVgFSMgb272gK3V0gOfFmqKrAv3bY0VFQ0Pm%2B2tNO1BGaa3pQunbY1ZA7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 183ms
106ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69c7c279db33f11857ec10fc2748e965d47d011f7df6ffc9a53d9da7ab25df6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29494
x-xss-protection: 0
server: cafe
etag: 330 / 19740 / 31080488 / config-hash: 592410556507893453
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:20 GMT

GET
H3 200 style.min.css
forexone.alghtas.xyz/wp-includes/css/dist/block-library/ 107 KB
15 KB 656ms
656ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jziCvfUU7Cy9CM3g3wLfKFPUIVqWJgLp5Bto%2FZoddsosiU63MUZYvIJ%2Bi2MiIwDo57Jxin5cj2g0IIiz9iIDeIfQ%2BOGQVur12xcENyAUzh%2BYYhyM2N5iUWJKq98c1yd5q7g4w2dqc544UKBsrPc3z1wzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8479e8f3883df11c-CDG
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 07eadaa6-94d1-4266-9a3e-9a00559bd202
https://forexone.alghtas.xyz/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://forexone.alghtas.xyz/07eadaa6-94d1-4266-9a3e-9a00559bd202
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 404 top-toolbar.jpg
lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/ 832 B
1012 B 198ms
124ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
x-content-type-options: nosniff
server: fife
content-type: image/png
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 832
x-xss-protection: 0

GET
H3 200 masterslider.main.css
forexone.alghtas.xyz/wp-content/plugins/masterslider/public/assets/css/ 77 KB
11 KB 727ms
726ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.5.5
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483600dac45a0560e87d8f10fc182b124b03b97a18a0eca2aa0ad0e83a60b9fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Jul 2021 14:42:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHlT7LFjAf%2FgdYXmtkOT51cnAIA09uUtVgccwsCVwggHFSRmZphQ4jKRsMtHH%2FTA1RVWmJ2erHVQBig9Rlzv75zTYFK5t5emdU9348vmmjZ%2BSMmhFGyfMqArPWbR3eYPsH5XpNca5lfugeHIzyZly1bSxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8479e8f4bad9f11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom.css
forexone.alghtas.xyz/wp-content/uploads/masterslider/ 266 B
571 B 642ms
641ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-content/uploads/masterslider/custom.css?ver=1.1
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4e2c3b84fe75916b109ac323d0eb39e3881a892f7b7a21970a0cb9e694b3d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Jan 2024 08:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pj8V6CldOURSmPJBlHxFSnyc8OFqJaiH%2FMGvFahczE5jYyVT93po9e04iSIiS7O5eoivQhZfeGQt%2BwPNZj60mMGz3LbVHiOv4QqVc6%2BrPIFjCqnrAD1ATTwfujSz%2B3laL86wvv0DBzJnOmOPvmfV4Dz3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8479e8f4bae5f11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600%7CRoboto:400,500,400italic&display=swap

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e43eb209e812b75c5ee9d22299521c3978339abea3a64a269bb608e053db8bc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 21:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 21:25:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 21:25:20 GMT

GET
H3 200 jquery.min.js Show response
forexone.alghtas.xyz/wp-includes/js/jquery/ 86 KB
31 KB 58ms
57ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2410
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aulYjje35nqNTwcXF7SY3V4jvr0JwW3M%2FwBVX%2Bc1dvadtS29gBa%2BT8dy%2FMDld3RLgHVfzZ22kMhOVz8kSHsZmAR0iNUqL%2FlgI%2FCgG%2BBWl0JgQgjYzh1pAk6m%2FcBPZp9sRrrF1EHCqOAmfoFqsAkEdoUnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8479e8f4baeaf11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
forexone.alghtas.xyz/wp-includes/js/jquery/ 13 KB
5 KB 746ms
745ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onOKNxcf7GK43x1kXr6RFqBlN3ju5iRAMcssFvFUztvkansMLYm0%2F83wREpuwTTl%2BoeEHh8tcxa97hANlr3c%2BPLQnQS%2BEWqRHkDXSaeQ0qJUxbAgIryWJ%2FoU3vAjbAVWaOyAiI4LcGQT1N3XLqt1189%2FoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8479e8f4baf4f11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 75d1032c5c7175ebec43ad519592d5fd.css
forexone.alghtas.xyz/wp-content/bs-booster-cache/ 950 KB
121 KB 293ms
292ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-content/bs-booster-cache/75d1032c5c7175ebec43ad519592d5fd.css
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3b100ec03aa4567ac9bba5b48b0d14b29801960b01518f8033d671ccd9d20b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jan 2024 07:37:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8RCpPHcnW8uSItYXv8Zq0JdPry1AmaooJaBkh4Ro6LvNh0hYU9wOLhIEQQISHuN5Ex9z1giczg%2Fry3Mm0aWj0EOdM2OsyZ4wlgGyLqMjU3zD6wzTlGW%2BQUsJ1lwHmDwjANp7LIwG6OZiv%2FHgcjNlH5GtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8479e8f4baf7f11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 86c9c909ac05600d1c9470477263ec34.css
forexone.alghtas.xyz/wp-content/bs-booster-cache/ 45 KB
7 KB 678ms
678ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-content/bs-booster-cache/86c9c909ac05600d1c9470477263ec34.css
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89963638c07564b104ce9c9a6292bb49dfb771440c883aee86f97701dae23c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Jan 2024 09:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi98RwUtpCjPmX0sPTaMe5if%2BncNoJcQkANoe9wfxCQoTgN%2BjgFNUXvDTzjqAZ951X%2FJ9gH05eLQ2nPO4olISSebSp7%2BOOl9m13IRNcRRImw99CKieVKecLyxDEFj7n1lAci5PVDehuXBFSnXX%2BREFB92g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8479e8f4baf9f11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 87ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1078
age: 6031364
cdn-cachedat: 01/04/2023 11:35:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c6eaf77136ac05b2e12d5eac40573c47
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8479e8f50c408ff5-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 79ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 21:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 20:56:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 21:25:20 GMT

GET
H2 200 p_2610djab91.png
k.top4top.io/ 144 KB
145 KB 178ms
84ms Image
image/png 65.21.235.194
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k.top4top.io/p_2610djab91.png
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn16.top4top.io
Software: nginx /
Resource Hash: 7c735610034ba963fcf6d8f6eeff2e6ac16c7d610661c7321ffed9c74172b8c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-file-id: x53043970x
date: Thu, 18 Jan 2024 21:25:20 GMT
last-modified: Thu, 23 Feb 2023 15:00:37 GMT
server: nginx
etag: "63f77f95-240e7"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="Short%20Jambo.png"
accept-ranges: bytes
content-length: 147687
expires: Thu, 18 Jan 2024 23:25:20 GMT

GET
H3 200 4.jpg
forexone.alghtas.xyz/wp-content/uploads/2023/10/ 174 KB
174 KB 95ms
94ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forexone.alghtas.xyz/wp-content/uploads/2023/10/4.jpg
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adc779f9d8966bb3812b50257f14100924bd44c463b41eb43e8eb8a2195fb335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 08:36:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2jQFmgQSLDcC1BDK4micjzGjEbsoa9Xh4xjOG8O1UD3k2GoT1WudBdBz%2FPB6Mhid1WD6HAOb3m%2Bx5rtg3euFWjFGiP%2FCC%2F4OPzeJo6s8Kuo2VGivHPQM8VQn49dckHItGxP0niRmW%2FfQpWlPZIVsSdsSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8479e8f4bafdf11c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 177986

GET
H3 200 4-1024x682.jpg
forexone.alghtas.xyz/wp-content/uploads/2023/10/ 70 KB
70 KB 211ms
210ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forexone.alghtas.xyz/wp-content/uploads/2023/10/4-1024x682.jpg
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f53f1095aaab8368e4f9ab56be883a5c706dee5d734fd384884c8e3fa6c69ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 08:36:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1476
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQwk%2FRkXUvHh7KZx3OUt%2B%2Fdgm3hAfDI6reXSWhVwM8wbi8KkhypiyMGpatyCd0DIYDaD6XVBfelS%2BSIwgTSENVBoyCPTk5eA6oYXJlmzItiV1tlXodNX89Hwh5cTHveF8lZh800aL7EWdtUvTqcu0FVmYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8479e8f4bb01f11c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 71211

GET
H3 200 7-1024x682.jpg
forexone.alghtas.xyz/wp-content/uploads/2023/10/ 58 KB
58 KB 214ms
213ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forexone.alghtas.xyz/wp-content/uploads/2023/10/7-1024x682.jpg
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b7634da95f59f9dc2d90f9c88296919cfe305be283d069a526dd5abe86234e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 08:36:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5362
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWzDEMESpBtRoV0qu%2BGymn1Hzo8EVwHgechVK9svnQmEi28RcpzuDUpgDKAv4fvVP3Dk64l6oNr%2Fgs6tmmfLi87R6adbYcrZFZJWu94y0OJjiDCfpGk33l9pgCE%2F353qjzlun1fDhtgBBKC%2B1AI0W%2F6v3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8479e8f4bb04f11c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 59143

GET
H3 200 6-682x1024.jpg
forexone.alghtas.xyz/wp-content/uploads/2023/10/ 88 KB
89 KB 223ms
222ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forexone.alghtas.xyz/wp-content/uploads/2023/10/6-682x1024.jpg
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68b2587e73b69f13ea9ba495d677fb30d13d1e856e397362214bdcb3e784c750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 08:36:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 56
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4wu5rPjx%2B%2Bl2yjLX%2FWMMEPvdhBQz%2FK6%2Ff3MGtNhLVMyverubzVs51dNAW%2BD6kal%2F4SubJCH39iE01YilrXjNUly0acKrJJVUjCR%2Fs3DkphogwLWP1zJihUCFcHOLahp3ELAwOfbIl7IzGTtF%2B6SoOBJ0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8479e8f4bb07f11c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 90505

GET
H3 200 3-1024x682.jpg
forexone.alghtas.xyz/wp-content/uploads/2023/10/ 51 KB
52 KB 250ms
249ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forexone.alghtas.xyz/wp-content/uploads/2023/10/3-1024x682.jpg
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f7ad1d4aeb7ade3d0da90e6dfa419b365be9ad3827b069df4d0c8ca88f4a54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 08:36:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1770
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N28ZZbxS519MH%2B%2FOL2utyMK4LwMSyKSNxI9m4VVS4T%2BAq2EzLWUaVcHPJKgh4SdKjL6P%2Bh7uGhLrCobyOYJJ6rVIuf81UupuJKvPQlh0BOuxTxWDRvLmnoyJsyQ2zHE7hOnN5ItgdBnQ8EGzr2gWndlyHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8479e8f4bb08f11c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 52286

GET
H3 200 8-1024x767.jpg
forexone.alghtas.xyz/wp-content/uploads/2023/10/ 87 KB
87 KB 251ms
250ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forexone.alghtas.xyz/wp-content/uploads/2023/10/8-1024x767.jpg
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 256b1f1fccbf05b1e87fc637ace69ff9e3e5e840bd03c9e0068e93fdb2525edc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 08:36:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1476
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC%2FNo7UP0XFXw81toYECXOHcDRyiGZu2pPCjdFUcKjYE63ZiHDQlw5Ugga2n9jQNt9OA05FgeVQQnVcn9Hiw6T2uzD8%2BmRA9w3ZZJTSAIkDKeBXSJot3Q0TKGcBafjLwVj3gNTCAHcDw26iOJvYnOgulCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8479e8f4bb09f11c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 88844

GET
H3 200 1-1024x685.jpg
forexone.alghtas.xyz/wp-content/uploads/2023/10/ 103 KB
103 KB 254ms
253ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forexone.alghtas.xyz/wp-content/uploads/2023/10/1-1024x685.jpg
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6104d0783c071235a2a03ca73bf6ec082544b8fb8a6bbff401526185903d2a70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 08:35:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 48
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Whuf%2FIxsCYWYv79snK5qh02rdf7wEmt96QR5ggthkA15kai3HI51YWmvXz2o03pFU%2FyJKX%2Fo9yrFsINlm32kCiO9v35FDm9xnQQ5uI%2B4Lkd1iWXwIyOKOTJyrZkaJA1bdByuIxulKxe4VoragkwAD50VZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8479e8f4bb0cf11c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 105324

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 68ms
25ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4290329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10482
last-modified: Tue, 01 Aug 2023 16:35:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93458-28f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BUnQa8yRqQDqwOFQat1WWQ%2FP5vKUFyAAdQ4mMHauboNKEDk96egTdLIb%2FF5cgCzlmE7M2o9Vb2LKoUmsRLlmVB%2BwfwJZH6NQUlcuEQsLvQJ3NBufbPhMfo1vralnG5330APyycaPXrAydsWAUOO2sON"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8479e8f4f94f9290-FRA
expires: Tue, 07 Jan 2025 21:25:20 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 69ms
19ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5010504
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-etou8220076-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705613121.801434,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 657247

GET
H2

200

bundle.umd.js Show response
unpkg.com/just-detect-adblock@1.1.0/dist/
Redirect Chain

https://unpkg.com/just-detect-adblock@latest/dist/bundle.umd.js
https://unpkg.com/just-detect-adblock@1.1.0/dist/bundle.umd.js

3 KB
1 KB

38ms
38ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/just-detect-adblock@1.1.0/dist/bundle.umd.js

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ea0709e076a8dd6569a1d148aabce6669d3bb30087be54fd8368ac1293bd771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5777158
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HF31WQDHQ75PXW74J5KAG4TK-fra
server: cloudflare
etag: W/"a14-6ARSzm7mCxD47dLBNNtlZu/70Os"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8479e8f548a45d4d-FRA

Redirect headers

date: Thu, 18 Jan 2024 21:25:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HMF6VY85B4A8SKS7Z6G29CS8-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 580
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /just-detect-adblock@1.1.0/dist/bundle.umd.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8479e8f5085e5d4d-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 430 KB
135 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 19:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6487
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 17 Jan 2025 19:37:13 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
707 B 661ms
661ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=5&sc=1&cookie_enabled=1&cdm=forexone.alghtas.xyz&abxe=1&dt=1705613120873&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=1489458004&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b1199f6a41bb0360e68313cdf311db55f1b991ed990ccc6948f0b36cb319944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 676
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 635 B
316 B 393ms
392ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_sticky1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C320x50%7C300x75%7C216x54%7C970x90%7C300x100%7C120x30%7C300x50%7C320x100&ifi=2&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=forexone.alghtas.xyz&abxe=1&dt=1705613120877&adxs=436&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=952610916&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa0a218b0597543ce5a78b7cbbd35b81570c1561ca15e57db9270ee08ab0d49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 635 B
313 B 1134ms
1134ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_sticky2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C300x50%7C320x100%7C300x100%7C216x54%7C120x30%7C300x75%7C320x50%7C970x90&ifi=3&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=forexone.alghtas.xyz&abxe=1&dt=1705613120879&adxs=436&adys=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=528138116&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f00e84069daffb35ce96c52c2d1e01863755b0428f5f292a5e63ba33d5868a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 640 B
320 B 1311ms
1311ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_push&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50%7C300x75%7C120x20%7C320x75%7C120x60%7C300x100%7C120x30%7C300x50&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=forexone.alghtas.xyz&abxe=1&dt=1705613120880&adxs=1280&adys=80&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=798339477&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

178cd4cb75c3eee317ae35456a36896c4e25895f8dceb64ec25548bba04b6d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 630 B
310 B 949ms
949ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_x&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=forexone.alghtas.xyz&abxe=1&dt=1705613120881&adxs=14&adys=794&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=362x-1&msz=350x-1&fws=512&ohw=0&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=2989853341&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2754a78255bc79d5254c2d7ace586e215c20635a72992e7cdf75556c2c565c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
15 KB 1697ms
1697ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_close&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x90%7C300x250%7C300x600%7C120x60%7C250x250%7C120x600%7C250x360&ifi=6&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=forexone.alghtas.xyz&abxe=1&dt=1705613120882&adxs=740&adys=564&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=120x-1&msz=120x-1&fws=516&ohw=180&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=311943161&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebe9efa390e2f7209615be555c6b9284ec76bd57815bc18079cc91dd4909afa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14956
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7819 6 KB
3 KB 749ms
147ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 40 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl_page_level_ads.js?cb=31080488

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 19:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6441
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13863
x-xss-protection: 0
server: cafe
etag: 12572411096080002997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 17 Jan 2025 19:37:59 GMT

GET
H3 200 rs6.css
forexone.alghtas.xyz/wp-content/plugins/revslider/public/assets/css/ 58 KB
13 KB 58ms
57ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6abe94c8db415593d42b093301152b1e9c727364c2b5ed05b5ca2f163d8aa747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Jul 2021 13:48:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 50
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMbs805tdy7MNSYL6tn6y%2FTgqwrRppCmSFoGKuHY682mh9R%2BCIaYmhTaJqdBUrP%2BQ6Ca9n06THaxOyNv37VOlPH6%2BWN%2BaITm58pCDWRcVlGlWX1hxe4lrM5qs06cQ5q07iO8jYlE6Kst029r95rCEzdgAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8479e8f72f7bf11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 rbtools.min.js Show response
forexone.alghtas.xyz/wp-content/plugins/revslider/public/assets/js/ 121 KB
48 KB 55ms
55ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87664d848161d3a5bf83a511f4f483dc05e8472d06aedd5111488d267af298bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Jul 2021 13:48:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Bt%2F5%2F9r43bOjX7FDJ%2FL7DByYwQRyKcwOqut0qmzlnGw4yYHKdeEDD8BOtswNT55tYnDusY%2FBh0M%2BBD92ama8oV41cdb8P9lsDF37Mb1U%2F5aTlYpfu0m2KBus2zQxOCno1wHHQq57BXNCMG5dONwUQl%2FYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8479e8f72f7ff11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 rs6.min.js Show response
forexone.alghtas.xyz/wp-content/plugins/revslider/public/assets/js/ 367 KB
97 KB 67ms
66ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4efcd6ec7d1fc476d9d3f43480ec9fb2b37ebcca255edefd2cfad8d2a96c27a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Jul 2021 13:48:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4drpLlDq5%2FAzQyqvJOCqNBqRfEvVZTHkMFTAJ0nI7jYXfBPlNmvkKFYC3o8YrgyUPWd6p73CX2RqW55KKqObb27BGsoQ%2BB0LZd5E9osx%2BYwNr6XA%2FaSX6g9s86KZYQeqWQP2zK2P2EBi3THvPE97OejPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8479e8f72f81f11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 comment-reply.min.js Show response
forexone.alghtas.xyz/wp-includes/js/ 3 KB
2 KB 51ms
50ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-includes/js/comment-reply.min.js?ver=6.4.2
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzlegUmwyV8k7PRoCkb19CK5VbqgC%2BV0NBJ%2FZBIYu%2FN%2FA99YnY8aiCBgz1X8wTM99J4ExE4IyQuUNywnvO0%2Bo2BRYKWzQUr8QK8T7TtSUjLZMbIQWP0fByul7PKnOZwj1%2B9xQF3K9aVm09iIaTVckh4q9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8479e8f72f84f11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 advertising.min.js Show response
forexone.alghtas.xyz/wp-content/plugins/better-adsmanager/js/ 29 B
485 B 52ms
52ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-content/plugins/better-adsmanager/js/advertising.min.js?ver=1.21.0
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Jul 2021 12:17:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 50
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2T1c5g%2BAArssfb%2FzzECqZAUw6ZtiWoZBkgKaO9oL5Fmb6tzSdRBQC5jPlR4K0gkGmi7rSZuLoSBRN1lHM7HsSA3OQjHMnbNYbm2mctyvicyMj5n%2BfhsoFvdUFC7rLpLHDe3RT%2FL5I3hJlphwGnhLCMPdWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8479e8f72f86f11c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 52640a6dd9d9b7478865c8bffa2cd9ab.js Show response
forexone.alghtas.xyz/wp-content/bs-booster-cache/ 335 KB
99 KB 62ms
62ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-content/bs-booster-cache/52640a6dd9d9b7478865c8bffa2cd9ab.js?ver=6.4.2
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d450ff9965bc91994f26a82ea0b7da511502480b1e7e655985396afeaac8aefb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2024 07:37:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X32k0p120nLqDEBm2B0yN3th0HQxMSxvc2%2BTBQMlMoCaXabujpaSI7sAgR0ga8KSGdkMMJGQaae28HK4YU1iZT4J0ZIV2IYSP1bKEk8yZeEbNqRUjhS0YGg4W8GC94OvT4qypj87AbtBTT9ktK1n8XXPzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8479e8f72f88f11c-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 404 top-toolbar.jpg
lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/ 832 B
0 198ms
124ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
x-content-type-options: nosniff
server: fife
content-type: image/png
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 832
x-xss-protection: 0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/ 10 KB
10 KB 70ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forexone.alghtas.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 06:01:42 GMT
x-content-type-options: nosniff
age: 55419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10180
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:49:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 06:01:42 GMT

GET
H2 404 top-toolbar.jpg
lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/ 832 B
0 198ms
124ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
x-content-type-options: nosniff
server: fife
content-type: image/png
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 832
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 74ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forexone.alghtas.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 11:02:10 GMT
x-content-type-options: nosniff
age: 123791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 11:02:10 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 101ms
54ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forexone.alghtas.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:24:24 GMT
x-content-type-options: nosniff
age: 154857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:24:24 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 1330ms
1330ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_bn1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C320x480%7C480x320%7C250x360%7C320x50&ifi=7&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D26758ba64eccc905%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYT9N8fqV-C9WNWNtwbram_JsimZw&cdm=forexone.alghtas.xyz&gpic=UID%3D00000d43e38a5c32%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYCZ55p6aSKbYejF0xJlYZBzEsy_Q&abxe=1&dt=1705613121508&adxs=400&adys=139&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=800x21&msz=800x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=4176891793&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfafc84f4234da01095679999f4d9d76c22815a0f377c581cdc8873df2847a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16411
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 1583ms
1583ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_bn2&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C320x50%7C480x320%7C250x360%7C320x480&ifi=8&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D26758ba64eccc905%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYT9N8fqV-C9WNWNtwbram_JsimZw&cdm=forexone.alghtas.xyz&gpic=UID%3D00000d43e38a5c32%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYCZ55p6aSKbYejF0xJlYZBzEsy_Q&abxe=1&dt=1705613121514&adxs=675&adys=357&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=800x210&msz=800x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=4165396585&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ac7aebda51f2557584ca302719b79e692445bf8a19e4941403e4f50c51d2e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16058
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 1817ms
1817ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_bn3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x480%7C480x320%7C250x360%7C250x250&ifi=9&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D26758ba64eccc905%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYT9N8fqV-C9WNWNtwbram_JsimZw&cdm=forexone.alghtas.xyz&gpic=UID%3D00000d43e38a5c32%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYCZ55p6aSKbYejF0xJlYZBzEsy_Q&abxe=1&dt=1705613121517&adxs=640&adys=476&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=800x330&msz=800x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=3309457587&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9480d3a99e72b762ee44a42e38dc37cd13b48e3551827e7b07140aa076be8761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16202
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 2011ms
2011ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_bn4&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C250x360%7C480x320%7C320x480&ifi=10&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D26758ba64eccc905%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYT9N8fqV-C9WNWNtwbram_JsimZw&cdm=forexone.alghtas.xyz&gpic=UID%3D00000d43e38a5c32%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYCZ55p6aSKbYejF0xJlYZBzEsy_Q&abxe=1&dt=1705613121523&adxs=640&adys=1607&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=800x24&msz=800x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=3131544665&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff5706156b937966c47a52d5873c07cf075bc1776be002f5d1ed8a176776a286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16502
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 2289ms
2289ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=4461925529216914&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_bn5&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x480%7C480x320%7C320x50%7C250x250%7C250x360&ifi=11&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D26758ba64eccc905%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYT9N8fqV-C9WNWNtwbram_JsimZw&cdm=forexone.alghtas.xyz&gpic=UID%3D00000d43e38a5c32%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYCZ55p6aSKbYejF0xJlYZBzEsy_Q&abxe=1&dt=1705613121530&adxs=640&adys=1662&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=800x74&msz=800x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=624631471&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61014388004a3cc2e5629a70f509ede40cd31850c7939d7d7c27aa6776d4e944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16340
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 top-toolbar.jpg
lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/ 832 B
0 198ms
124ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
x-content-type-options: nosniff
server: fife
content-type: image/png
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 832
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
25 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forexone.alghtas.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 10:54:38 GMT
x-content-type-options: nosniff
age: 124243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24984
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 10:54:38 GMT

GET
H2 404 top-toolbar.jpg
lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/ 832 B
0 198ms
124ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Thu, 18 Jan 2024 21:25:20 GMT
x-content-type-options: nosniff
server: fife
content-type: image/png
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 832
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js Show response
forexone.alghtas.xyz/wp-includes/js/ 18 KB
5 KB 52ms
51ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forexone.alghtas.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6140
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52Q7OPeZUqGwifl0lyE8Y%2BaisTTz8v4p08UTy1mQ4vLxPJ%2FrZEdjjkWbTfQEnCAIk8Y%2Bq4%2BLYyrKXkK0mHFAcLcqbVB0XKRrSI3UIVYR5CXZ6JMDnOynpxEGY%2B3ImDS5gDgntt19MG%2FMJ3NYm1Q3JoNqKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8479e8fa1cd7f11c-CDG
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 111ms
65ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961b940c831253cc6e4f3fb7d3f3e005529914982dbbe93d4d7597ba6e34205b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12140
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 104ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 21:25:21 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 519C 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 14:57:58 GMT
expires: Fri, 17 Jan 2025 14:57:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4912 829 B
1 KB 79ms
30ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ff7ed3172bf6f2983b2bf16cfae48c6967d821d9732df677ccad185dfc6a399c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YY3Z75RBJEfnLCCo8X3GCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YY3Z75RBJEfnLCCo8X3GCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Thu, 18 Jan 2024 21:25:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 519C 39 KB
15 KB 60ms
20ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 18:59:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4912 0
0 50ms
49ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=2304534828216141&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 519C 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ppy7TA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=2304534828216141&bg=!AAOlA0zNAAa8BdJLnAU7ADQBe5WfOCEqXHS3sfFhIVPp-td-yTkocMClSICjutbES4_W94TsmfeY-jiPlJIqD708JSrfAgAAACpSAAAAAmgBB5kCt4EKAPfZsLnXXHci3n_S4zTZ3sKNK_trMJjud2Tk8OS33XDfcYMmExDjAJ_xxrL7n0SmBihzZ1EBPB8x67UV3yQCpOxpv2qCcX0SxxzcgNQkcnWXCiVR4PfV_lDQu_R6g6MBoKDNAyYOpVHUHGr7Hp8ZAcaBfxDCE2AwInCfyQeAHlIsX9GkVm1HCLJlxw3VMJQ2IwuEJehQgWuzOFwk_nvcZi6LBVYY7Yz8vFg-vvnrxtmLEeENAX6KV1G1vU-CxMvsTdN4Q_-sqXRaENQb7oNLpIiEkHy0mBENOb3Px0HZgciZI6S34hHemj9SiRVxgfYT7yHxbbhjn3O7Ewdr0PYOk2vS-FPf4JpJiygH_THBPm70J0leI8lweAWFExkxAXlA3M-X-u0HAFveir8ithP4lN043jkJ3Jyi-w7nOtGtM5Chb6da98orAf2QxF3i8d4s7MMc-yL5AqFVImJwwg5ju6vwbcRoC1gryUSXqQSqo13cdf8o7TVk03D2UvtsMIfIVF-UfG3i8Et3ipc2ICkKxpTdN2fEP0y493Jp_yg2ymhtLQ2Ci1Ya5xUvBnwnJPUNWP4nQJPxrvB0zxDx9ucxj5pJZWL2fivFCmCC6AQirU2GPn6WrjCj-GjSrrF8mupx6ewo3VzQ97d3FXL0fnCcOXcZLsBpd1EWjo2RorzzjeCwr9wQB3ht_dSpG_swhJ0EJg2ClMLafF7ySRv64Er_yi6hPPHFlxE-MPtdD9JuBkSDNVibQoOKxhzhCJXZyVI7OeM-KGGdtlp4rifNcXVCVWQK7_lR1DzUc-Jo1e9wHYDH2nm38_Tel4M28nPWC1FCW4Gxm3HbVaQtyxroN_TItjZClCJqLGV7EKIZEWoTpPAcl8uQ65ukgcKoWLJgzUFevne9ZcJf3pk5_dm24srXun_dn_b-
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame 4995 196 KB
56 KB 97ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 4995 15 KB
5 KB 133ms
57ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 4995 95 KB
28 KB 140ms
64ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 4995 5 KB
2 KB 138ms
63ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 4995 40 KB
13 KB 135ms
59ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4995 6 KB
802 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 21:03:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 21:25:22 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4995 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 34611
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jan 2024 11:48:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4995 295 B
319 B 21ms
21ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:29:52 GMT
x-content-type-options: nosniff
server: cafe
age: 10530
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jan 2024 18:29:52 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/5291538849493751616/ Frame 4995 51 KB
51 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5291538849493751616/2076313506083323656

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c75069ef64946c381aaf8e3c28175a55e6fb860c5250fe53f6010cbbfe3be58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 08:33:24 GMT
date: Tue, 16 Jan 2024 08:33:24 GMT
x-content-type-options: nosniff
age: 219118
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52462
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 16:22:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4993217691887194574/ Frame 4995 10 KB
10 KB 21ms
21ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4993217691887194574/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8709e26d61bab50cdc652883fa5428c94fd2a23b41deed8901c12902da97355a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 15:41:39 GMT
date: Mon, 15 Jan 2024 15:41:39 GMT
x-content-type-options: nosniff
age: 279823
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10418
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 23:21:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 4995 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4995 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebe7e3fa4af0973deaed13873a8c9949bfb7483d7ee021876f20168a7655ac33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 KB
50 KB 798ms
797ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2304534828216141&correlator=2085329660516928&eid=31079958%2C31080488%2C31079724%2C44782500%2C31080115&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22809522745%2Cforexone.alghtas.xyz_sticky1%2Cforexone.alghtas.xyz_sticky2%2Cforexone.alghtas.xyz_push%2Cforexone.alghtas.xyz_x%2Cforexone.alghtas.xyz_close%2Cforexone.alghtas.xyz_bn1%2Cforexone.alghtas.xyz_bn2%2Cforexone.alghtas.xyz_bn3%2Cforexone.alghtas.xyz_bn4%2Cforexone.alghtas.xyz_bn5&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=728x90%7C320x50%7C300x75%7C216x54%7C970x90%7C300x100%7C120x30%7C300x50%7C320x100%2C728x90%7C300x50%7C320x100%7C300x100%7C216x54%7C120x30%7C300x75%7C320x50%7C970x90%2C320x100%7C320x50%7C300x75%7C120x20%7C320x75%7C120x60%7C300x100%7C120x30%7C300x50%2C300x250%2C120x90%7C300x250%7C300x600%7C120x60%7C250x250%7C120x600%7C250x360%2C250x250%7C320x480%7C480x320%7C250x360%7C320x50%2C250x250%7C320x50%7C480x320%7C250x360%7C320x480%2C320x50%7C320x480%7C480x320%7C250x360%7C250x250%2C320x50%7C250x250%7C250x360%7C480x320%7C320x480%2C320x480%7C480x320%7C320x50%7C250x250%7C250x360&ifi=12&sfv=1-0-40&rcs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&eri=5&sc=1&cookie=ID%3Db45d9001de90f8b4%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MYeFOqUxruCno3-6epyE3vOLaeiFg&cdm=forexone.alghtas.xyz&gpic=UID%3D00000d43e45f9dde%3AT%3D1705613120%3ART%3D1705613120%3AS%3DALNI_MZdvOxFKp-nh0SF3jdilxtedqnb0Q&abxe=1&dt=1705613122614&adxs=436%2C436%2C1280%2C6%2C650%2C400%2C675%2C640%2C640%2C640&adys=0%2C1170%2C80%2C804%2C261%2C139%2C357%2C476%2C1653%2C1709&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C3%7C4&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&tos=~~~~~~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforexone.alghtas.xyz%2F&loc=https%3A%2F%2Fforexone.alghtas.xyz%2F50-pips-a-day-forex-strategy%2F&vis=1&psz=728x-1%7C728x-1%7C300x-1%7C350x-1%7C300x-1%7C800x5521%7C800x357%7C800x357%7C800x4005%7C800x4005&msz=728x-1%7C728x-1%7C300x-1%7C338x-1%7C300x-1%7C800x0%7C800x0%7C800x0%7C800x0%7C800x0&fws=516%2C516%2C516%2C516%2C516%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C360%2C1600%2C1600%2C1600%2C1600%2C1600&psts=AOrYGsnQ0x6W8PlLWvqfIZmqT_GDqzS8JVXjP6Ue4tns6zxY&ga_vid=830842240.1705613121&ga_sid=1705613121&ga_hid=1246565398&ga_fc=false&dlt=1705613120548&idt=304&adks=952610916%2C528138116%2C798339477%2C2989853341%2C311943161%2C4176891793%2C4165396585%2C3309457587%2C3131544665%2C624631471&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68009b85b0825d61312d677ad178f16343111eeaf768aac7ad3293540ee0438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50733
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://forexone.alghtas.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4995 15 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forexone.alghtas.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:18:08 GMT
x-content-type-options: nosniff
age: 112034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 14:18:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4995 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forexone.alghtas.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 09:30:09 GMT
x-content-type-options: nosniff
age: 129313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 09:30:09 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4995 0
0 64ms
63ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaagzQpepZdj1CqvY9u8PqMKgsAGT-_GJdbC576n6EdnZHhABIN7BgJsBYJXKhoKYB6AB84_7qSnIAQmpAn-MYyoiOLI-4AIAqAMByAMKqgSTAk_QouvHw5710UzN0F3plp1bz2DmrOG-_6uKXKw9NfzofZXvP60WOsiWxjPzf6wxDCGKkuvMqbk40pkF10Wbpqovi31IzznKQO73cd1NS9KNN9KTANXrDMt3wm72U9M_Pl69bOiWYsa4AbsXjMLn7PoigBa53s3Wlf8vmzEp_hOJdibvDiXhpw-e2bcleUle_zBQmANldHddy-HKSu2Jk8VJzl-wV4F8DjbyePuOOP4A7CdNjWtYJ3SA84JcAfJ37J1C8gA5SIPpDotv8nafHibTO_LCfwWFhJYnAiDMf4egdcJ_aCDnHPvNqSvJWiHTb9qzy-gh5bM2pm1WJkY4wUemKymody79ukHVsPQiFdNYS-C2wAT3hKD_wwTgBAGIBdbRs4tMkgUECAQYAZIFBAgFGASgBi6AB_PHy4kEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQgOcH0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljyrsiB8OeDA5oJ4wFodHRwczovL3VzLnNob2Zhc3QuY29tL2Rzcj9xPW1hbmFnZWQlMjBjeWJlciUyMHNlY3VyaXR5JTIwc2VydmljZSZhc2lkPXptd19jaDQyNyZkZT1jJnNjbGlkPTAtMjQwMTUtcGxjX2ZvcmV4b25lLmFsZ2h0YXMueHl6JmdjbGlkPXtnY2xpZH0mcmFjPUFydGljbGVzJTIwYW5kJTIwaW5mbyUyMGZvciUyMG1hbmFnZWQlMjBjeWJlciUyMHNlY3VyaXR5JTIwc2VydmljZSZudz1kJmxvY2FsZT1lbl9VU4AKA8gLAeINEwjx0siB8OeDAxUrrP0HHSghCBa4E-QD2BMMiBQB0BUBmBYBgBcBshcfCh0IABIUcHViLTc3ODA3NTg1Mzk3NTEyNDMYoKiLAQ&sigh=NNWbf98RaD8&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_-0xwAxBPx95Mzr12xAipeEKZpRALZuFVmd85Mi-oQMawT2nY3EHrsEXi7H1-A21Qj-hl1ivtfe9YRl_ODWXKSqWRMT1af_M3KLwYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC3C 6 KB
3 KB 113ms
112ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 18BC 2 KB
3 KB 99ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hwtedvhwjb37v5gen2bgpff0swcsfyk8r7hg9hp5dfnjekpf6gd8ten8j1yp699x3h963ng27rngjfvf8ytwzrhncbbhawbd1fn4brfm0kk8rhvrpkyty8vft3wk5wn5ajvs5shk3zma1sskg2qx2hwppsqx7dvg77qa7mtq8dh8gft8qcnzbp3dqjc66ahkp62nazmqaffgdh3at151mf7gv8p16ttyfjs2j6zf2jmdarrjvd4h0jgtbyzv33yaqd21tw017x6kac29xgcg23hafvx7tnmx8q3fz82tbq9jttjdqgm3jfea1g2tf9cesrqae53mn8g0qms22wd3enhpcbsz0n6ej3cbjc0kg8nygcacsgjh7zvmfrg1f0p312ap8x6w30k0tw8wzhvs82qwyt2t9t59w2754dfctsfs829qh56ran96dk163kx8sray4t3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAU1VQpepZeecIf6g9u8P4eGvwAOQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0M3ksRVfrDFlyhRQPIjJr-Dt-NitIhgY_hN6QDIH0lQTkWL4JvrrP_6vZ684YWjXTvN1JpSu9bctJCp8CJoWaMOuz6clFv3vs1q5JGQ3UYYEpyUEmtJraiOeeejXFhF7hDSmDARPwTIZhWMc0SvqVn3v5vhzUsJoBeOlEryV1-Ht2S2DA5jBolM5imNTPjaVlo_G0sw9S_fmqHu08CLWXW2FAMneeXAbIyeQhwfkFQ75jk7i5AgYyRNf6tcDXYK5cdUHxNDAizQefyjhpPHy8FHH-DsP0FRmWLqErL3PpkPCDncKjKQ0o6x6YuNcrt_VtTbi_bG1cAXrGIQAmDc7eo2K4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhafugfDngwP6CwIIAYAMAeINEwjD0O6B8OeDAxV-kP0HHeHwCzjQFQGAFwE%26num%3D1%26sig%3DAOD64_2OF7bTznGEyNTsiwMm1LBv9imYFg%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3d1b1603ea0679f35d5e1007a9b2dd2aea06f71a7a693f4d75e446bbfb703b6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e902fb589bc2-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame CC3C 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4E20 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame CC3C 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CC3C 0
0 30ms
28ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5BBp_tvswRHqRwDmmalH5ZRQc99ZVtdZx9mpb9-xZoERC0xK42eB0qcd4TR8-Zth3qzME2qUjw9DmovrhzDCUPYo73g
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CC3C 24 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC3C 206 KB
66 KB 136ms
75ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
DATA 200
OK truncated
/ Frame CC3C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8607174d3d088f052b51d21b06563c07c25228386b8b8a9e3cd8bcc2bd3a959b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4E20 0
104 B 260ms
127ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELMnszUrqfqnrUvpQ0qp3fY&google_cver=1&google_push=AXcoOmTJJ-JJxuRqNGWMm1uQsmlXk9wF0SFvUBNHMJKb5WIGx8UHcFxPFa7SE941YS-XhHft5i9ZsGqJfM6Nvr58OVCSsiw3in4-
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4E20 70 B
149 B 153ms
47ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMLr8Ae5PwByx9GUhL603ns&google_cver=1&google_push=AXcoOmSSsfvTKtB24Ce_0ivyx_Cn7xXqVDgAWoLpMqF0CKGDue3_ksZHTZZJTza6uWqROZIXSH7xOYfYVc8vOUfuqeFpivNs0fY
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4E20
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGe2z5xjWouKPCbB5_rDwac&google_cver=1&google_push=AXcoOmR4W-dSHPijDPfXSFQK24RcP3OK1Yjx0BtqzKcYuISO7rrH9CTFaHFr1UHPNgpDsBuut5sk7jHFuJW...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR4W-dSHPijDPfXSFQK24RcP3OK1Yjx0BtqzKcYuISO7rrH9CTFaHFr1UHPNgpDsBuut5sk7jHFuJWibocxsEYwNrWYXkv9&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

170 B
329 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR4W-dSHPijDPfXSFQK24RcP3OK1Yjx0BtqzKcYuISO7rrH9CTFaHFr1UHPNgpDsBuut5sk7jHFuJWibocxsEYwNrWYXkv9&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR4W-dSHPijDPfXSFQK24RcP3OK1Yjx0BtqzKcYuISO7rrH9CTFaHFr1UHPNgpDsBuut5sk7jHFuJWibocxsEYwNrWYXkv9&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4E20 43 B
236 B 80ms
30ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBJrHPzf0knN2DVB7ybS-6Y&google_cver=1&google_push=AXcoOmRpmK47uP42wIdhWnm4pymLEm4_vYfNP5XF4OPHHS3x0-eXppE940Zx1rQGt4wFLdIKLMU3fxivHxFNfiAjAldjaYBC5lk
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E20
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQKtfpejY6hq-YJA0qcffMAbozsLwlDiWbYuq4rYDH_9jMwvGqYasEQ__uPw7lT1mDzwNLEJOLgNLHx8o1TFKRIL8GNwdhk&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-b602f861-db43-4b8f-ab75-6be300187185-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQKtfpejY6hq-YJA0qcf...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQKtfpejY6hq-YJA0qcffMAbozsLwlDiWbYuq4rYDH_9jMwvGqYasEQ__uPw7lT1mDzwNLEJOLgNLHx8o1TFKRIL8GNwdhk&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQKtfpejY6hq-YJA0qcffMAbozsLwlDiWbYuq4rYDH_9jMwvGqYasEQ__uPw7lT1mDzwNLEJOLgNLHx8o1TFKRIL8GNwdhk&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQKtfpejY6hq-YJA0qcffMAbozsLwlDiWbYuq4rYDH_9jMwvGqYasEQ__uPw7lT1mDzwNLEJOLgNLHx8o1TFKRIL8GNwdhk&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU
date: Thu, 18 Jan 2024 21:25:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb602f861db434b8fab756be300187185003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4E20
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAbLNg_MflEEffMrwLwCcjk&google_cver=1&google_push=AXcoOmSlURIfs31RaDFDY7zSi8Oi0yEkFmpaSiHqqpwQS6pJUXFqXe4971FRZw4QToVRYDjNrlBgQCUxKW4Qord_tOvIV5Z624Y
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSlURIfs31RaDFDY7zSi8Oi0yEkFmpaSiHqqpwQS6pJUXFqXe4971FRZw4QToVRYDjNrlBgQCUxKW4Qord_tOvIV5Z624Y...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmSlURIfs31RaDFDY7zSi8Oi0yEkFmpaSiHqqpwQS6pJUXFqXe49...

170 B
232 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmSlURIfs31RaDFDY7zSi8Oi0yEkFmpaSiHqqpwQS6pJUXFqXe4971FRZw4QToVRYDjNrlBgQCUxKW4Qord_tOvIV5Z624Y

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmSlURIfs31RaDFDY7zSi8Oi0yEkFmpaSiHqqpwQS6pJUXFqXe4971FRZw4QToVRYDjNrlBgQCUxKW4Qord_tOvIV5Z624Y
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4E20
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=72985f67-0d94-46b6-93f3-2ef826fd1493&google_cver=1&google_gid=CAESENon6fUiWoIVOmAIryvf0kI&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
232 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=72985f67-0d94-46b6-93f3-2ef826fd1493&google_cver=1&google_gid=CAESENon6fUiWoIVOmAIryvf0kI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTWFBh8SEZn4WLttBZpi_DNH3KbDviTbmfrWFXzht-V1mzVCoBM4d13WEJ9_LJiZkv9mjiRD2Ez0yd_UGSYqbUv8FXkN2OIAQ&gdpr=${GDPR}

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=72985f67-0d94-46b6-93f3-2ef826fd1493&google_cver=1&google_gid=CAESENon6fUiWoIVOmAIryvf0kI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTWFBh8SEZn4WLttBZpi_DNH3KbDviTbmfrWFXzht-V1mzVCoBM4d13WEJ9_LJiZkv9mjiRD2Ez0yd_UGSYqbUv8FXkN2OIAQ&gdpr=${GDPR}
date: Thu, 18 Jan 2024 21:25:23 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4E20 0
139 B 110ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjxL3gA0dT3uBtI26_oU5dXJrqTC5YqEn53GxjNGpJeL1t-Qa7_SxGxzATvJKZQqadPjFtHA

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 18BC 115 KB
14 KB 32ms
32ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hwtedvhwjb37v5gen2bgpff0swcsfyk8r7hg9hp5dfnjekpf6gd8ten8j1yp699x3h963ng27rngjfvf8ytwzrhncbbhawbd1fn4brfm0kk8rhvrpkyty8vft3wk5wn5ajvs5shk3zma1sskg2qx2hwppsqx7dvg77qa7mtq8dh8gft8qcnzbp3dqjc66ahkp62nazmqaffgdh3at151mf7gv8p16ttyfjs2j6zf2jmdarrjvd4h0jgtbyzv33yaqd21tw017x6kac29xgcg23hafvx7tnmx8q3fz82tbq9jttjdqgm3jfea1g2tf9cesrqae53mn8g0qms22wd3enhpcbsz0n6ej3cbjc0kg8nygcacsgjh7zvmfrg1f0p312ap8x6w30k0tw8wzhvs82qwyt2t9t59w2754dfctsfs829qh56ran96dk163kx8sray4t3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAU1VQpepZeecIf6g9u8P4eGvwAOQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0M3ksRVfrDFlyhRQPIjJr-Dt-NitIhgY_hN6QDIH0lQTkWL4JvrrP_6vZ684YWjXTvN1JpSu9bctJCp8CJoWaMOuz6clFv3vs1q5JGQ3UYYEpyUEmtJraiOeeejXFhF7hDSmDARPwTIZhWMc0SvqVn3v5vhzUsJoBeOlEryV1-Ht2S2DA5jBolM5imNTPjaVlo_G0sw9S_fmqHu08CLWXW2FAMneeXAbIyeQhwfkFQ75jk7i5AgYyRNf6tcDXYK5cdUHxNDAizQefyjhpPHy8FHH-DsP0FRmWLqErL3PpkPCDncKjKQ0o6x6YuNcrt_VtTbi_bG1cAXrGIQAmDc7eo2K4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhafugfDngwP6CwIIAYAMAeINEwjD0O6B8OeDAxV-kP0HHeHwCzjQFQGAFwE%26num%3D1%26sig%3DAOD64_2OF7bTznGEyNTsiwMm1LBv9imYFg%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hwtedvhwjb37v5gen2bgpff0swcsfyk8r7hg9hp5dfnjekpf6gd8ten8j1yp699x3h963ng27rngjfvf8ytwzrhncbbhawbd1fn4brfm0kk8rhvrpkyty8vft3wk5wn5ajvs5shk3zma1sskg2qx2hwppsqx7dvg77qa7mtq8dh8gft8qcnzbp3dqjc66ahkp62nazmqaffgdh3at151mf7gv8p16ttyfjs2j6zf2jmdarrjvd4h0jgtbyzv33yaqd21tw017x6kac29xgcg23hafvx7tnmx8q3fz82tbq9jttjdqgm3jfea1g2tf9cesrqae53mn8g0qms22wd3enhpcbsz0n6ej3cbjc0kg8nygcacsgjh7zvmfrg1f0p312ap8x6w30k0tw8wzhvs82qwyt2t9t59w2754dfctsfs829qh56ran96dk163kx8sray4t3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAU1VQpepZeecIf6g9u8P4eGvwAOQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0M3ksRVfrDFlyhRQPIjJr-Dt-NitIhgY_hN6QDIH0lQTkWL4JvrrP_6vZ684YWjXTvN1JpSu9bctJCp8CJoWaMOuz6clFv3vs1q5JGQ3UYYEpyUEmtJraiOeeejXFhF7hDSmDARPwTIZhWMc0SvqVn3v5vhzUsJoBeOlEryV1-Ht2S2DA5jBolM5imNTPjaVlo_G0sw9S_fmqHu08CLWXW2FAMneeXAbIyeQhwfkFQ75jk7i5AgYyRNf6tcDXYK5cdUHxNDAizQefyjhpPHy8FHH-DsP0FRmWLqErL3PpkPCDncKjKQ0o6x6YuNcrt_VtTbi_bG1cAXrGIQAmDc7eo2K4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhafugfDngwP6CwIIAYAMAeINEwjD0O6B8OeDAxV-kP0HHeHwCzjQFQGAFwE%26num%3D1%26sig%3DAOD64_2OF7bTznGEyNTsiwMm1LBv9imYFg%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232883
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2paWSegv2u%2F8XThRQMOmVIrrdMgvNW9ewd5hd2cTXMIJi897lmfi%2FG8T2cVNFJrMg3cMX7nw4rkI8VHYjOg%2Ft5b3MzZVaPk%2FLuWb%2F7791UpHwSC4xTkdf0bolLqP7KRgViMQQPWKCf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e9034bcb9bc2-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 18BC 24 KB
10 KB 47ms
36ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hwtedvhwjb37v5gen2bgpff0swcsfyk8r7hg9hp5dfnjekpf6gd8ten8j1yp699x3h963ng27rngjfvf8ytwzrhncbbhawbd1fn4brfm0kk8rhvrpkyty8vft3wk5wn5ajvs5shk3zma1sskg2qx2hwppsqx7dvg77qa7mtq8dh8gft8qcnzbp3dqjc66ahkp62nazmqaffgdh3at151mf7gv8p16ttyfjs2j6zf2jmdarrjvd4h0jgtbyzv33yaqd21tw017x6kac29xgcg23hafvx7tnmx8q3fz82tbq9jttjdqgm3jfea1g2tf9cesrqae53mn8g0qms22wd3enhpcbsz0n6ej3cbjc0kg8nygcacsgjh7zvmfrg1f0p312ap8x6w30k0tw8wzhvs82qwyt2t9t59w2754dfctsfs829qh56ran96dk163kx8sray4t3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAU1VQpepZeecIf6g9u8P4eGvwAOQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0M3ksRVfrDFlyhRQPIjJr-Dt-NitIhgY_hN6QDIH0lQTkWL4JvrrP_6vZ684YWjXTvN1JpSu9bctJCp8CJoWaMOuz6clFv3vs1q5JGQ3UYYEpyUEmtJraiOeeejXFhF7hDSmDARPwTIZhWMc0SvqVn3v5vhzUsJoBeOlEryV1-Ht2S2DA5jBolM5imNTPjaVlo_G0sw9S_fmqHu08CLWXW2FAMneeXAbIyeQhwfkFQ75jk7i5AgYyRNf6tcDXYK5cdUHxNDAizQefyjhpPHy8FHH-DsP0FRmWLqErL3PpkPCDncKjKQ0o6x6YuNcrt_VtTbi_bG1cAXrGIQAmDc7eo2K4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhafugfDngwP6CwIIAYAMAeINEwjD0O6B8OeDAxV-kP0HHeHwCzjQFQGAFwE%26num%3D1%26sig%3DAOD64_2OF7bTznGEyNTsiwMm1LBv9imYFg%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2%2FC8hGDdMmg7J%2F0%2BZUijWcMJfDhMvvZKfc9IhxXqi7dI9m7RD61CRNmcIBwh7LCsa5yckGGpzG8%2FjTty8xSkyrSr9%2Ba3Jj40DmxDciDsOS%2BTm9tIlhO3%2FI2NLa2%2BhNIlUXEatQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e9035bea9bc2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2F1 6 KB
3 KB 103ms
103ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 18BC 350 B
913 B 85ms
34ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4204359
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vidLLrRs%2F2I6tSZyJeJfEoJaU%2Bntwx6mBLpE4sNsVsqYBWypQW%2Bd2SXWhkqTAIQQNcQJmyPE4cI1%2BMC6R4g23Ulia2rk8bmOHhHShbFSS3BGAAXqlMqRh%2BoWnVyzqYiU41NdLLrH1GXcIbqxfwT8iL%2FB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e903e90c4dc0-FRA
expires: Sat, 30 Nov 2024 05:32:44 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 2994 2 KB
2 KB 36ms
36ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64508
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e90399ce30d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzlH1FFgaPxlLVwnCjEBGrt1eWKutTmD3aVK2Pp5wkhKluRUtgpoxhETWXA1ccUljVzsyr42ExfJcRVI%2By2C67%2BkOLdV2oTZ5S3p2vD1F7afyi2Siv2gU3EZ9VgpsZKvGdI%2FF88%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 18BC 1 KB
2 KB 49ms
48ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28d80556a8acc2a4e451869185dbb67d7fb9f5cb5604b53c97570f408d749b18

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUFg5MnFqr8SexPWwZXZUQznHoGENnefKsLZ5unZnauwJjycEQVc1Xf%2FnnjIPyr%2F%2F%2BwmxSniJlYG67bjtytJK4EeDd1gcD7zNbRBiCmjNUqnIUWwwd5pFiwNzOMZGAcLWSxmHtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e9047d3a9193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 66ms
45ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e9042ced9193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho0pI88qKej2s6yblE5fHAketfEGT8Fj6XM4xgy5qeEqmlVGlEFNGHQ%2BJIFTVaFqc6K0w8h6C8UhHJM%2BI1EIU9%2FyXb03pL1zj3VHvOoOb2FQjn5JPOWwvmLesT8dFp%2FJgTDmGuQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame F95F 2 KB
3 KB 54ms
53ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kp702xd79zs2wrtz10ktqzqm3bzypag6z7texs7fh76y0h1swh285vnzdv9jmjn8vsyhn7pnz0yg81aa0dw8ndxbxrtv2dqy00tbs5234hma9kkjb93sc0nemdacyrsf4e1s8by11r2e87vrt8vqsxv8xzwqvv1trsp0q282w5j6jterpx1bjzb84p8jy3haqqwtkvhm06zge3cvjpqegbvm87qn1g524vwzh40zgh0xh8qjbb3da81wchjchxqn9j79wn5fqmax1vf1ykzvw1hb6cq3226q1kx82qw4gpz09sban9rzpc32cj6fkdvn9s1et97vbnp7vz7tt7y1gbz4rermemm6530jzw23kgzmqdbm43nt1hpa28wzjqzazskd7an842bpkdrwfean97fdcfdt7v0gjjht9yj8hfjpkxd1fvvbd3p1b19x9e6p4en9376&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ItnQpepZb71Mb3F7_UPydaGuAuQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ALvUIyq_GFmBBUL_R6YKjEvnQleVbPxQBlopM8NwfnKXn8NCQxSotij4RdF728Atmek4KQ1OwGzePAhkFFZHG38NeK6Kr68QqvGqt71v9dwULTOLruHW7wT2za76vT778vytbQ0gL2Ys8DBbc-Fq4eyJIiK_2UHXC1uVeDmYnCJnOcGSLfqSOfRF-YsN241XNswuewL_TpO_5rxSrEspxovqcnVlFy5O49Feisjs9B-Gaw0ANO0Aexw-IaaV2qT5eaUwxoJQcwl9K3e-ov5TWgbE28epfs2RiatwtKvkJGCQEzYDBC7midRq80xshM1FI9INiXS8z9T7l9x9F1wevdj4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYyezugfDngwP6CwIIAYAMAeINEwiknu-B8OeDAxW94rsIHUmrAbfQFQGAFwE%26num%3D1%26sig%3DAOD64_3zvmJ20m22VGwXjhjsrSNU6xmBgQ%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36351759989c37551782cb35d881b6a420c5599c0131fce8a6865b165a68ca9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e9042a5430d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame E2F1 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EC45 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame E2F1 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E2F1 24 KB
6 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2F1 206 KB
65 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CC3C 0
0 62ms
61ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFc-bQpepZeecIf6g9u8P4eGvwAOQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgAJP0M3ksRVfrDFlyhRQPIjJr-Dt-NitIhgY_hN6QDIH0lQTkWL4JvrrP_6vZ684YWjXTvN1JpSu9bctJCp8CJoWaMOuz6clFv3vs1q5JGQ3UYYEpyUEmtJraiOeeejXFhF7hDSmDARPwTIZhWMc0SvqVn3v5vhzUsJoBeOlEryV1-Ht2S2DA5jBolM5imNTPjaVlo_G0sw9S_fmqHu08CLWXW2FAMneeXAbIyeQhwfkFQ75jk7i5AgYyRNf6tcDXYK5cdUHxNDAizQefyjhpPHy8FHH-DsP0FRmWPiGjS8YX8SCxvBCGn59MV5DdunxpPHNaLYgtCNN5BvHAFHcB3fz4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhafugfDngwOACgP6CwIIAYAMAeINEwjD0O6B8OeDAxV-kP0HHeHwCzjQFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=3BqvNL299xc&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_xAo0QcpRSTGV1TjtBzFsW2vhASm1Lpr3OB2fJsAz9RnauIfM2jbZiRkvIgoXREJTM6q5kOItGAE&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame CC3C 0
103 B 86ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jxrhvasgh545mv77f9ef4re2qyyqww3ncqegjgtz4b45rsy8g5p7zqsmpew1vywk4jweacrtre98tahd4sf55yy23wstqtnz94faynpjvsvzyffq9rqpv6yt7zaedj64d6da5789hw8wd3j73hy4xjrjwhak0wj3s4mhgnrczznc8z2d34rq3b414a2wwhzzzrztpnpg9qsbewfmvpmc29y1ytm73z35zf8ef5hyxp6n5z6nnfp5cws9f3k204emv33rmw4stf4aj27stxweb7ydaj76v8cybvdn097w1j0hdh4e3vrh4q4jnq28c7sgf85bskbqffcrzxmg58sc14xzvg4apnsy6kvaakcn8zy2scfx1tr9yav7d3nr19p0tyevb0y7hs12z0&b=ZamXQgAITmcH_ZB-AAvw4dgCzE5Y2X-b28AyCQ&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame EC45 70 B
148 B 49ms
47ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEI--oV0hGT9HfZKppI3fSs&google_cver=1&google_push=AXcoOmRoD7k9Rq3uhJcuLySJMgsYyYLkDk3eVQbsH7SAKVFpSHg6MDPln0gNnxrmXs2KBNzbEuveg1hAsNR5QvPk2dVZkXtmFk4O
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EC45 0
174 B 76ms
29ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENc8TEDLzUdemrFRAtWXGso&google_cver=1&google_push=AXcoOmRfl1cHUZhTLqlSfOTK5UoQvPikDzywJSibEvN0xbzrhCU_L4o8rbzSaMsPLLptCfSI7z7vGfMv4cTJ4iTb2UCk4g3hZNsW
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC45
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEuQQkGH5TGJUkWHX3UDTP8&google_cver=1&google_push=AXcoOmR1r4jhZn47gN8O7gKD0RBcZX1HqVlowoC2UmQrhYjux5qHF4We0lMwxwEDahMSUkv_GAgM5uezlGUn4P...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmR1r4jhZn47gN8O7gKD0RBcZX1HqVlowoC2UmQrhYjux5qHF4We0lMwxwEDahMSUkv_GAgM5uezlGUn4Pzt1X...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmR1r4jhZn47gN8O7gKD0RBcZX1HqVlowoC2UmQrhYjux5qHF4We0lMwxwEDahMSUkv_GAgM5uezlGUn4Pzt1XTiOI_LXvvK

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmR1r4jhZn47gN8O7gKD0RBcZX1HqVlowoC2UmQrhYjux5qHF4We0lMwxwEDahMSUkv_GAgM5uezlGUn4Pzt1XTiOI_LXvvK
Date: Thu, 18 Jan 2024 21:25:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET

pixel
cm.g.doubleclick.net/ Frame EC45
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEF_1MggCnfVh9mDZOD_n8RQ&google_cver=1&google_push=AXcoOmRuQGq2v3dYUR_6kTT7R4lJ6upWSpERWE6G6n65YyiLeOEqCflVO8yMh5oIW779AfoOUNFPLkPuFyh_N1Z7n-ut_mB...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEF_1MggCnfVh9mDZOD_n8RQ&google_cver=1&google_push=AXcoOmRuQGq2v3dYUR_6kTT7R4lJ6upWSpERWE6G6n65YyiLeOEqCflVO8yMh5oIW779AfoOUNFPLkPuFyh_N1Z7n-ut_...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRuQGq2v3dYUR_6kTT7R4lJ6upWSpERWE6G6n65YyiLeOEqCflVO8yMh5oIW779AfoOUNFPLkPuFyh_N1Z7n-ut_mBGa9s9

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC45
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPOaCkUWrCTP7Qqh-C2zcuE&google_cver=1&google_push=AXcoOmSJ_AEpDdfnIH6pP9Ud0ZSUGsMAmcip3MZEIid5dZ-VyvXeZiFni8Gp-PerMTMaM4qceOB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLUkktMTItTDZEQQ==&google_push=AXcoOmSJ_AEpDdfnIH6pP9Ud0ZSUGsMAmcip3MZEIid5dZ-VyvXeZiFni8Gp-PerMTMaM4qceOBTbrQwF5vKtOSXSEOAXbM3Upgp

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLUkktMTItTDZEQQ==&google_push=AXcoOmSJ_AEpDdfnIH6pP9Ud0ZSUGsMAmcip3MZEIid5dZ-VyvXeZiFni8Gp-PerMTMaM4qceOBTbrQwF5vKtOSXSEOAXbM3Upgp

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLUkktMTItTDZEQQ==&google_push=AXcoOmSJ_AEpDdfnIH6pP9Ud0ZSUGsMAmcip3MZEIid5dZ-VyvXeZiFni8Gp-PerMTMaM4qceOBTbrQwF5vKtOSXSEOAXbM3Upgp
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame EC45
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENxJXqfCSbRAUB--9lWnqH0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENxJXqfCSbRAUB--9lWnqH0&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENxJXqfCSbRAUB--9lWnqH0&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmT1xXwoYTJswCE2k4db46tgSZMOPB9K8...

0
0

GET
H2

200

/
onetag-sys.com/match/ Frame EC45
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMiXPWLDI5d8j13SdVuzSLQ&google_cver=1&google_push=AXcoOmR-7ei_NM7vCvgvPH0oLqAUJ-7yelFEi02x2jsLPAljNHDxhclA9nNTVFMd64viO2PZz2godRnd0lF...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-7ei_NM7vCvgvPH0oLqAUJ-7yelFEi02x2jsLPAljNHDxhclA9nNTVFMd64viO2PZz2godRnd0lF6QzSMZUKqDlz7gQWBXg
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

21ms
21ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EC45 0
12 B 31ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHawD9_Dk8dt_T5k1mKBdXLLU4POJ_uFWu4CYqrGmEYl63LJ6iOOLVekSB8MB0Oapwk4WMsg

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame E2F1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbacc461bccfcae3096c7ece3b43a0c0ff67bf64d6b244da0df6dd9e4c49c606

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F95F 115 KB
14 KB 37ms
37ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kp702xd79zs2wrtz10ktqzqm3bzypag6z7texs7fh76y0h1swh285vnzdv9jmjn8vsyhn7pnz0yg81aa0dw8ndxbxrtv2dqy00tbs5234hma9kkjb93sc0nemdacyrsf4e1s8by11r2e87vrt8vqsxv8xzwqvv1trsp0q282w5j6jterpx1bjzb84p8jy3haqqwtkvhm06zge3cvjpqegbvm87qn1g524vwzh40zgh0xh8qjbb3da81wchjchxqn9j79wn5fqmax1vf1ykzvw1hb6cq3226q1kx82qw4gpz09sban9rzpc32cj6fkdvn9s1et97vbnp7vz7tt7y1gbz4rermemm6530jzw23kgzmqdbm43nt1hpa28wzjqzazskd7an842bpkdrwfean97fdcfdt7v0gjjht9yj8hfjpkxd1fvvbd3p1b19x9e6p4en9376&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ItnQpepZb71Mb3F7_UPydaGuAuQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ALvUIyq_GFmBBUL_R6YKjEvnQleVbPxQBlopM8NwfnKXn8NCQxSotij4RdF728Atmek4KQ1OwGzePAhkFFZHG38NeK6Kr68QqvGqt71v9dwULTOLruHW7wT2za76vT778vytbQ0gL2Ys8DBbc-Fq4eyJIiK_2UHXC1uVeDmYnCJnOcGSLfqSOfRF-YsN241XNswuewL_TpO_5rxSrEspxovqcnVlFy5O49Feisjs9B-Gaw0ANO0Aexw-IaaV2qT5eaUwxoJQcwl9K3e-ov5TWgbE28epfs2RiatwtKvkJGCQEzYDBC7midRq80xshM1FI9INiXS8z9T7l9x9F1wevdj4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYyezugfDngwP6CwIIAYAMAeINEwiknu-B8OeDAxW94rsIHUmrAbfQFQGAFwE%26num%3D1%26sig%3DAOD64_3zvmJ20m22VGwXjhjsrSNU6xmBgQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kp702xd79zs2wrtz10ktqzqm3bzypag6z7texs7fh76y0h1swh285vnzdv9jmjn8vsyhn7pnz0yg81aa0dw8ndxbxrtv2dqy00tbs5234hma9kkjb93sc0nemdacyrsf4e1s8by11r2e87vrt8vqsxv8xzwqvv1trsp0q282w5j6jterpx1bjzb84p8jy3haqqwtkvhm06zge3cvjpqegbvm87qn1g524vwzh40zgh0xh8qjbb3da81wchjchxqn9j79wn5fqmax1vf1ykzvw1hb6cq3226q1kx82qw4gpz09sban9rzpc32cj6fkdvn9s1et97vbnp7vz7tt7y1gbz4rermemm6530jzw23kgzmqdbm43nt1hpa28wzjqzazskd7an842bpkdrwfean97fdcfdt7v0gjjht9yj8hfjpkxd1fvvbd3p1b19x9e6p4en9376&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ItnQpepZb71Mb3F7_UPydaGuAuQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ALvUIyq_GFmBBUL_R6YKjEvnQleVbPxQBlopM8NwfnKXn8NCQxSotij4RdF728Atmek4KQ1OwGzePAhkFFZHG38NeK6Kr68QqvGqt71v9dwULTOLruHW7wT2za76vT778vytbQ0gL2Ys8DBbc-Fq4eyJIiK_2UHXC1uVeDmYnCJnOcGSLfqSOfRF-YsN241XNswuewL_TpO_5rxSrEspxovqcnVlFy5O49Feisjs9B-Gaw0ANO0Aexw-IaaV2qT5eaUwxoJQcwl9K3e-ov5TWgbE28epfs2RiatwtKvkJGCQEzYDBC7midRq80xshM1FI9INiXS8z9T7l9x9F1wevdj4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYyezugfDngwP6CwIIAYAMAeINEwiknu-B8OeDAxW94rsIHUmrAbfQFQGAFwE%26num%3D1%26sig%3DAOD64_3zvmJ20m22VGwXjhjsrSNU6xmBgQ%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw0MAUNlXuY3CIOrOYeTh3EdQe5EG9WwCIzYLZkNI3rO0YykA50Lw4nqg%2Bbuc7csC67suq%2BFiYYJJbVu2SzXMRBceZhKbkduRsAl9HwnKIGwGZqeXBMYwrVZjSzrOnle%2BeL8QSkGzmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e9047b2030d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame F95F 24 KB
10 KB 33ms
33ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kp702xd79zs2wrtz10ktqzqm3bzypag6z7texs7fh76y0h1swh285vnzdv9jmjn8vsyhn7pnz0yg81aa0dw8ndxbxrtv2dqy00tbs5234hma9kkjb93sc0nemdacyrsf4e1s8by11r2e87vrt8vqsxv8xzwqvv1trsp0q282w5j6jterpx1bjzb84p8jy3haqqwtkvhm06zge3cvjpqegbvm87qn1g524vwzh40zgh0xh8qjbb3da81wchjchxqn9j79wn5fqmax1vf1ykzvw1hb6cq3226q1kx82qw4gpz09sban9rzpc32cj6fkdvn9s1et97vbnp7vz7tt7y1gbz4rermemm6530jzw23kgzmqdbm43nt1hpa28wzjqzazskd7an842bpkdrwfean97fdcfdt7v0gjjht9yj8hfjpkxd1fvvbd3p1b19x9e6p4en9376&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ItnQpepZb71Mb3F7_UPydaGuAuQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ALvUIyq_GFmBBUL_R6YKjEvnQleVbPxQBlopM8NwfnKXn8NCQxSotij4RdF728Atmek4KQ1OwGzePAhkFFZHG38NeK6Kr68QqvGqt71v9dwULTOLruHW7wT2za76vT778vytbQ0gL2Ys8DBbc-Fq4eyJIiK_2UHXC1uVeDmYnCJnOcGSLfqSOfRF-YsN241XNswuewL_TpO_5rxSrEspxovqcnVlFy5O49Feisjs9B-Gaw0ANO0Aexw-IaaV2qT5eaUwxoJQcwl9K3e-ov5TWgbE28epfs2RiatwtKvkJGCQEzYDBC7midRq80xshM1FI9INiXS8z9T7l9x9F1wevdj4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYyezugfDngwP6CwIIAYAMAeINEwiknu-B8OeDAxW94rsIHUmrAbfQFQGAFwE%26num%3D1%26sig%3DAOD64_3zvmJ20m22VGwXjhjsrSNU6xmBgQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mbNDBviGC0atjXLUDp4UBkb5j%2BRcGet9NitgSzoVZjT2TGR%2BBnvCP87uegvzh0tzM7YIHyP6GcWlE6Lhmf5Zdqy330xSIL%2FYSdAZByUUXo%2Bxdls%2Frj%2BPapKashkLBgOXJv8AnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e9047b2330d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame DCC7 5 KB
3 KB 48ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e7a727aff73b219c9cd180f3bb00b24a%2F15260885504098327350&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613123267&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h5pvsm9pr7f9rry6pp87qgw0f976mrxjx7mha3newndrhcz012740vygsdfhh520xy2dr8x2yn08d0wzqdd5fpvsgp298f6dk8mndr520bz3jc465nxqskt8vey2xp8ybwm6wr1xd4x5t772a22vddedts6mbqztqb10assdn8ct2jefcas7xknbsbyz8swwj5e4186v4pc66ytzz4dmakc66eecxnjchhpbw4hgaj9n6dbhka6aczx9xe399dmnw7bsshwq9xq0966rkxyj6f2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAU1VQpepZeecIf6g9u8P4eGvwAOQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0M3ksRVfrDFlyhRQPIjJr-Dt-NitIhgY_hN6QDIH0lQTkWL4JvrrP_6vZ684YWjXTvN1JpSu9bctJCp8CJoWaMOuz6clFv3vs1q5JGQ3UYYEpyUEmtJraiOeeejXFhF7hDSmDARPwTIZhWMc0SvqVn3v5vhzUsJoBeOlEryV1-Ht2S2DA5jBolM5imNTPjaVlo_G0sw9S_fmqHu08CLWXW2FAMneeXAbIyeQhwfkFQ75jk7i5AgYyRNf6tcDXYK5cdUHxNDAizQefyjhpPHy8FHH-DsP0FRmWLqErL3PpkPCDncKjKQ0o6x6YuNcrt_VtTbi_bG1cAXrGIQAmDc7eo2K4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhafugfDngwP6CwIIAYAMAeINEwjD0O6B8OeDAxV-kP0HHeHwCzjQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2OF7bTznGEyNTsiwMm1LBv9imYFg%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bf41835f02697343889bbdf639c3332105a1fcaf064fd55025d16ac1f64efb1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hwtedvhwjb37v5gen2bgpff0swcsfyk8r7hg9hp5dfnjekpf6gd8ten8j1yp699x3h963ng27rngjfvf8ytwzrhncbbhawbd1fn4brfm0kk8rhvrpkyty8vft3wk5wn5ajvs5shk3zma1sskg2qx2hwppsqx7dvg77qa7mtq8dh8gft8qcnzbp3dqjc66ahkp62nazmqaffgdh3at151mf7gv8p16ttyfjs2j6zf2jmdarrjvd4h0jgtbyzv33yaqd21tw017x6kac29xgcg23hafvx7tnmx8q3fz82tbq9jttjdqgm3jfea1g2tf9cesrqae53mn8g0qms22wd3enhpcbsz0n6ej3cbjc0kg8nygcacsgjh7zvmfrg1f0p312ap8x6w30k0tw8wzhvs82qwyt2t9t59w2754dfctsfs829qh56ran96dk163kx8sray4t3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAU1VQpepZeecIf6g9u8P4eGvwAOQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0M3ksRVfrDFlyhRQPIjJr-Dt-NitIhgY_hN6QDIH0lQTkWL4JvrrP_6vZ684YWjXTvN1JpSu9bctJCp8CJoWaMOuz6clFv3vs1q5JGQ3UYYEpyUEmtJraiOeeejXFhF7hDSmDARPwTIZhWMc0SvqVn3v5vhzUsJoBeOlEryV1-Ht2S2DA5jBolM5imNTPjaVlo_G0sw9S_fmqHu08CLWXW2FAMneeXAbIyeQhwfkFQ75jk7i5AgYyRNf6tcDXYK5cdUHxNDAizQefyjhpPHy8FHH-DsP0FRmWLqErL3PpkPCDncKjKQ0o6x6YuNcrt_VtTbi_bG1cAXrGIQAmDc7eo2K4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhafugfDngwP6CwIIAYAMAeINEwjD0O6B8OeDAxV-kP0HHeHwCzjQFQGAFwE%26num%3D1%26sig%3DAOD64_2OF7bTznGEyNTsiwMm1LBv9imYFg%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e9050ba730d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET container.html
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CE2E 0
0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F95F 350 B
635 B 31ms
30ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4204359
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TNkAGZO0idJIXfMA9BmQ5lzbo5UK8dNXh5jYUAL1Ts3pWm1%2BkR2OF6OuTPkcLt4gKjplm4ccYH%2BLqJaiuMOL4kfJXm8GHfKardozD9b2MjLvt3sqPQqCBTTZ5xJjfyfnH3oOKnPjpbFNIrSDB2NvwHw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e9052a7b4dc0-FRA
expires: Sat, 30 Nov 2024 05:32:44 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 4A95 2 KB
1 KB 31ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64508
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e9053bca30d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwYk4HkXZyf24kGCsUGmJnAQeKd%2BfzLrod0Dy3tqk%2BHMOTzEdyeTl6pEPeFWQg67sjknfyUUmrNu1AS64jI3ra7GYb4QlrqHuNKckpwAcHz4Ov2B8c2oQzUqHUrqtQ9KDFdpne0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame DCC7 0
0

GET AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame DCC7 0
0

GET A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame DCC7 0
0

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 17CA 6 KB
3 KB 103ms
103ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EBBD 6 KB
3 KB 138ms
137ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B111 6 KB
3 KB 135ms
135ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET adview
securepubads.g.doubleclick.net/pagead/ Frame E2F1 0
0

GET winResponse
prod-rtb.ad4mat.net/ Frame E2F1 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame CC3C 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E2F1 0
0

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EAA6 6 KB
3 KB 158ms
158ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame 37B3 196 KB
55 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 37B3 15 KB
5 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 37B3 95 KB
28 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 37B3 5 KB
2 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 37B3 40 KB
13 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 20:11:52 GMT
age: 90811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 20:11:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 37B3 6 KB
706 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 21:06:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 37B3 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 34612
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jan 2024 11:48:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 37B3 295 B
319 B 22ms
21ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:29:52 GMT
x-content-type-options: nosniff
server: cafe
age: 10531
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jan 2024 18:29:52 GMT

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 31B4 6 KB
3 KB 151ms
151ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 87BE 6 KB
3 KB 152ms
151ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1959 6 KB
3 KB 149ms
148ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET container.html
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A1A 0
0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 37B3 0
0 29ms
29ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTptnVipd7YZIxyTeEZg5IVmbmq0OXuEQaSKptRqvTCMH8iwzAo2UtWIZ_yRkyMYnX54p0A2iVfsEsKR6rePAafIT1dw
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D921 6 KB
3 KB 145ms
145ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/5291538849493751616/ Frame 37B3 51 KB
51 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5291538849493751616/2076313506083323656

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c75069ef64946c381aaf8e3c28175a55e6fb860c5250fe53f6010cbbfe3be58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 08:33:24 GMT
date: Tue, 16 Jan 2024 08:33:24 GMT
x-content-type-options: nosniff
age: 219119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52462
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 16:22:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4704087868683261172
tpc.googlesyndication.com/simgad/10749118717480748463/ Frame 37B3 10 KB
10 KB 28ms
27ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10749118717480748463/4704087868683261172?w=100&h=100&tw=1&q=75

Requested by

Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b8ebbefeed3d193f39cd2923b9ae9f5c1371f660962acc238dfba43ffafe55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 14:59:14 GMT
date: Tue, 16 Jan 2024 14:59:14 GMT
x-content-type-options: nosniff
age: 195969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9910
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 07:50:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 37B3 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 37B3 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d65c87fba6ed88b60faae41c5eb5cba21bece1bdc39956222630500b964c6621

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 37B3 15 KB
16 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forexone.alghtas.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:18:08 GMT
x-content-type-options: nosniff
age: 112035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 14:18:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 37B3 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forexone.alghtas.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 09:30:09 GMT
x-content-type-options: nosniff
age: 129314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 09:30:09 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 37B3 0
0 62ms
61ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CH1yCQpepZeSdKdC59u8PmJeqmAWT-_GJdbC576n6EdnZHhABIN7BgJsBYJXKhoKYB6AB84_7qSnIAQmpAn-MYyoiOLI-4AIAqAMByAMKqgSWAk_QO4Dmt32QWC2y0AUKtE2jsBfFygRqBZbMYUvwwCQPoid_8lWT_F5DjROuC5bPpj-sHhpTUWyuvxlRm5JOpQqJUi8hYG3lq2sl6Y1OFoWLkmCDGGcoW_sd3lM1-EOtVtiS7C_MbGOTSK2aVNw2RJ9Fvwk0rNqgNVzYlbhEwD3oHYG474vBNAFYGPZxYULyUO3KwUyHNEfLNVw2suQrHau5Lc0yGwpr3VZMUawWphWObc_xPj4r8tU9fRRhmj9tkWxqyu_KeFaLf1zEX8siduQbs6-EynyKGR2FXHwKqnqIhuHFfUy3D0V0jqkGDnWBF_ckzVFJ1FYxJ9DTbzHYu8BQwMFNf0Z7hL4fFmWmwKxG_CW0NIJVwAT3hKD_wwTgBAGIBdbRs4tMkgUECAQYAZIFBAgFGASgBi6AB_PHy4kEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQndAG0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliUoLKC8OeDA5oJ4wFodHRwczovL3VzLnNob2Zhc3QuY29tL2Rzcj9xPW1hbmFnZWQlMjBjeWJlciUyMHNlY3VyaXR5JTIwc2VydmljZSZhc2lkPXptd19jaDQyNyZkZT1jJnNjbGlkPTAtMjQwMTUtcGxjX2ZvcmV4b25lLmFsZ2h0YXMueHl6JmdjbGlkPXtnY2xpZH0mcmFjPUFydGljbGVzJTIwYW5kJTIwaW5mbyUyMGZvciUyMG1hbmFnZWQlMjBjeWJlciUyMHNlY3VyaXR5JTIwc2VydmljZSZudz1kJmxvY2FsZT1lbl9VU4AKA8gLAaIMCCoGCgSsurEC4g0TCJyBs4Lw54MDFdCc_QcdmIsKU7gT5APYEwyIFAHQFQGYFgGAFwGyFx8KHQgAEhRwdWItNzc4MDc1ODUzOTc1MTI0MxigqIsB&sigh=J6GjJv_efR0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&template_id=484&cbvp=2
Requested by: Host: forexone.alghtas.xyz
URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 746D 2 KB
3 KB 46ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k82fwaa71m9y1h8a1jzq5kdmv4t8ykfrfnxzfh6n4yjxrp63rfh96nj2h9aq9awdk26znkgx5y2jgt0xhf64wzayrgmtfx67qcqwypnpp4hpqzztdp2sbmqcy7qgf2a2s4bwc4c406w61pge3a8qkhvnvnjj3raxka4de3kqkpk6npdt266p1dekqyqhsrj9h8ck478mzgdvjjpzkqj7drznc55mxengzwgfy24r6q2ag3zwhgdyz6k8sdrhg7stkspfgjk1np73r4vsq0dcay0tg9ncgq8xtnnaz67c3xgza1d0g4x4qjvsacgaccedfbmfwj131xfegqtq85tzxqvwm6yp2x3mvkdqj8yznv2j7ck453c7pp84avq046eytx2rzwx5czd1wgm7p43vjzazm7ftgdq7dzgabe6t0p3ngwhfnbw63v9xcyb16gnxvvyynr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ae3783ba2167285a8cf896a541a47627ae4a0d79df8557c39ad9e2d1fd4c0d2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e9062ca630d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 17CA 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2397 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 17CA 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 17CA 0
0 30ms
30ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMw82Ey7BsS0LFZn9L44dJkgA0LN8avS3KGKCrdORjNqKIuVMYklWm-fT7GICBxGz_51xZeswLYRLsGfK31Fy9a7HTtw
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 17CA 24 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17CA 206 KB
65 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C20 6 KB
3 KB 102ms
102ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 17CA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc689ad2e054fda57bdeeb437a437964bc6617d91160a9c80d9de443c8519007

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2397 0
103 B 45ms
43ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIw4FbUSyExvLOkzCEizCvw&google_cver=1&google_push=AXcoOmTfbc2l3ACy6J7GErAPsE-GA6aSWVGbQvlxTmJBGqWLWry2ByterSFXy3I7nyMzt5CFTl2y3wf3I4D0QBXspZjh0iKYXABx
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2397
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY3&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY...

43 B
446 B

208ms
184ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8479e9080894bb9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 42
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTIy63-eKtzR6o0V3FfsEUCJpLFdvFZNDsU6MHZtK-5NkFI8slXkZM6w-0CkimiaFk-U0_stE9-cUT0zh26gDyXwSzMxTY3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8479e906aecebb9d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2397
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAy3By481vb1E-WOTR1BpSQ&google_cver=1&google_push=AXcoOmRxgQw7L2A0ElKdr470CeGafVjWBCvEbjybYx3DvGfoxoY8zHF9_M9Rd_a6e_aBUz-5pQTU-QavtJmlXB...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRxgQw7L2A0ElKdr470CeGafVjWBCvEbjybYx3DvGfoxoY8zHF9_M9Rd_a6e_aBUz-5pQTU-QavtJmlXB4_elI11ZYQX20S&google_hm=hmWpl0NS2v1X277rK...

170 B
188 B

36ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRxgQw7L2A0ElKdr470CeGafVjWBCvEbjybYx3DvGfoxoY8zHF9_M9Rd_a6e_aBUz-5pQTU-QavtJmlXB4_elI11ZYQX20S&google_hm=hmWpl0NS2v1X277rKQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65A9974352DAFD57DBBEEB29BLIS

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRxgQw7L2A0ElKdr470CeGafVjWBCvEbjybYx3DvGfoxoY8zHF9_M9Rd_a6e_aBUz-5pQTU-QavtJmlXB4_elI11ZYQX20S&google_hm=hmWpl0NS2v1X277rKQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65A9974352DAFD57DBBEEB29BLIS
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2397
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBBtuU_dS5Hx51yzRcE1HE0&google_cver=1&google_push=AXcoOmQe8dKe2mawOy5_8WvhoLjBoM_9tVhIKKH-UY0PR9cBVQqzIRb_JcH8Gwa7IEcVvSepILz77J2_418o4o...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmQe8dKe2mawOy5_8WvhoLjBoM_9tVhIKKH-UY0PR9cBVQqzIRb_JcH8Gwa7IEcVvSepILz77J2_418o4ockKW...

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmQe8dKe2mawOy5_8WvhoLjBoM_9tVhIKKH-UY0PR9cBVQqzIRb_JcH8Gwa7IEcVvSepILz77J2_418o4ockKW7ZL5qs1a8s

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmQe8dKe2mawOy5_8WvhoLjBoM_9tVhIKKH-UY0PR9cBVQqzIRb_JcH8Gwa7IEcVvSepILz77J2_418o4ockKW7ZL5qs1a8s
Date: Thu, 18 Jan 2024 21:25:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2397
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmSpTuV93mKssat1T5IkmhDOY4RD_0nVIViyK0_yRZoCpAfrSh4zjYvZ9SzLx5em2flUf5Tvo-XG...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmSpTuV93mKssat1T5IkmhDOY4RD_0nVIViyK0_yRZoCpAfrSh4zjYvZ9SzLx5em2flUf5T...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU3NjQ1MzY3ODUwNDMxMzk1NA&google_push=AXcoOmSpTuV93mKssat1T5IkmhDOY4RD_0nVIViyK0_yRZoCpAfrSh4zjYvZ9SzLx5em2flUf5Tvo-...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU3NjQ1MzY3ODUwNDMxMzk1NA&google_push=AXcoOmSpTuV93mKssat1T5IkmhDOY4RD_0nVIViyK0_yRZoCpAfrSh4zjYvZ9SzLx5em2flUf5Tvo-XGpz8LzF3pilc7bSl5If-Y

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU3NjQ1MzY3ODUwNDMxMzk1NA&google_push=AXcoOmSpTuV93mKssat1T5IkmhDOY4RD_0nVIViyK0_yRZoCpAfrSh4zjYvZ9SzLx5em2flUf5Tvo-XGpz8LzF3pilc7bSl5If-Y
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2397
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOOLl4HdO6wk_HBVHDQL7mI&google_cver=1&google_push=AXcoOmTJLmHhO2kIm1ZNkdwezKrzWG47tezQJ-VPqvJS3onLLHaVcuZpTHWgOTOdeiPJw7fm9Xw...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLWEctMVctR0Y3VA==&google_push=AXcoOmTJLmHhO2kIm1ZNkdwezKrzWG47tezQJ-VPqvJS3onLLHaVcuZpTHWgOTOdeiPJw7fm9Xw_YMvP3k7tB6epEoQPOP14I4Q

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLWEctMVctR0Y3VA==&google_push=AXcoOmTJLmHhO2kIm1ZNkdwezKrzWG47tezQJ-VPqvJS3onLLHaVcuZpTHWgOTOdeiPJw7fm9Xw_YMvP3k7tB6epEoQPOP14I4Q

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLWEctMVctR0Y3VA==&google_push=AXcoOmTJLmHhO2kIm1ZNkdwezKrzWG47tezQJ-VPqvJS3onLLHaVcuZpTHWgOTOdeiPJw7fm9Xw_YMvP3k7tB6epEoQPOP14I4Q
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2397
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmSv2Gj4fJmzrlTyg1YNWOvT8VKQHoUcV...

170 B
188 B

35ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmSv2Gj4fJmzrlTyg1YNWOvT8VKQHoUcVbauY7TPcJpjeHLo3i_eI8oH_8IOhajuGrZzeay37lAvgyEUq9DgwyLYAiqnYtPs

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7DeNAhy2h8w6L9LNJVOtxUzZk5OI%2Bua5ujJRQFsKj5cl9LeGArUy74Es5a%2BPhTkxsoSRg5Ev4WaA8JxYwhb%2FXT%2Fe5IOZDiWsqxdpoNTislK7a%2BqCnv5pNMdZwr9AzPGRsMtwSdgOIzm6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmSv2Gj4fJmzrlTyg1YNWOvT8VKQHoUcVbauY7TPcJpjeHLo3i_eI8oH_8IOhajuGrZzeay37lAvgyEUq9DgwyLYAiqnYtPs
cache-control: no-cache
cf-ray: 8479e9066a5d5019-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2397 0
12 B 30ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhfdgoQouELZ8HCx3Y_8J8SYYQlslAU2VpyNlw5JZ4rDdZXkgBiCAEUL8mvMHE47XAZts0

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame A6B7 2 KB
3 KB 60ms
59ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1je340jfd228zvnf0q95ga1ft02vnq4z8fq0ykmcwnj0mbxgxe3kysqeszd6exnb87ysqky0z8fzdskeq84ecve03k57ffd57zd65q08ebm5vfg4jkgbq421enfwaz2kvq5n5yjw7dk1wja8cmewa6f7knpveqz3kvsfwfrmmdg1mg688nffz0ecbrn699jb76w4fhanf7sbp6km6dfk2jtrdf1cqgns948cp3b3shgfej0528aq2pqejtmsb5cyetjt280gf8ryd72tavfdmft3wb28ep35p5et7npbypmtx6ytb0caqt20kt83s4bbrn4w7vs45ee0y3jgq7ra0r39gpxz33qbwb6aw4ye36afk9fdtrdhydgs84y58ysjqpxvdz4nz5njrg3f08xmnq39qdwyj58zfdppf0f80vbwa7wpnp3k0sqmzt30x2hrneczbdyj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

161dbcdd15428f53d15f17708d5e44c86fc992b02f41d8d521672cf2128e3d10

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e9066cec30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame EBBD 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3E6D 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame EBBD 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EBBD 0
0 36ms
35ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqs6EKQr5-kqgzbZI2JBGzeR4bMeFRqFCaLztniKcJGWPTLwffwNSGmXUt-1tde7G82Ih8_tPmdPOaVDqN5Qa5xEKtbg
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EBBD 24 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBBD 206 KB
65 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 2773 2 KB
3 KB 59ms
59ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jsqdqm9ee35ee3gz890c88g4qt219rmksvyhd7skyt4x5vwc7v6kcst7psk0hj8q17awpfcxbgvamxptdtcce5h9be70bh9dq0zc5s6xbwyy73dfea3d8ge91vn49f8efcfyenmksksevha0nh8qwgwk84b39qngy58dq0nbnckfeznkcsx9d92pfsrassqx5d84y9v5j030d13retra42xcnsgb963akq3j590ad3a08vzmy0zqh0px55vp0ey61g28a6svf2kz40rab5yynvtdtdx8h6s9c00eagcb30njjnbp4s0pndrcye7t849gdepb2r1hnnzse08rdftrx7x92zj9k7pv34xbrn1e1gbjv5kafs01paeykvc4k7q4jymb6vyfevhm48ak7dxqpah4q17v8c3hjkx003mgtseczxj4yk1spqz2pw36r48sm2pwk41&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a035c080974644fa259d9445e1af9dbcd44985aa1021a7363ff950dd9042597

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e9066cee30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame B111 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CF5D 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame B111 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B111 0
0 34ms
34ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5ZJnpoqjNw0GC7HhdJtEOUUMGpHzZgaMCEyEzZycC9qhR2AZ81ViIQE0HsEPo4jEUYU6XLGkysg7uyTKN05FzLmuRWQ
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B111 24 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B111 206 KB
65 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 746D 115 KB
14 KB 32ms
32ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k82fwaa71m9y1h8a1jzq5kdmv4t8ykfrfnxzfh6n4yjxrp63rfh96nj2h9aq9awdk26znkgx5y2jgt0xhf64wzayrgmtfx67qcqwypnpp4hpqzztdp2sbmqcy7qgf2a2s4bwc4c406w61pge3a8qkhvnvnjj3raxka4de3kqkpk6npdt266p1dekqyqhsrj9h8ck478mzgdvjjpzkqj7drznc55mxengzwgfy24r6q2ag3zwhgdyz6k8sdrhg7stkspfgjk1np73r4vsq0dcay0tg9ncgq8xtnnaz67c3xgza1d0g4x4qjvsacgaccedfbmfwj131xfegqtq85tzxqvwm6yp2x3mvkdqj8yznv2j7ck453c7pp84avq046eytx2rzwx5czd1wgm7p43vjzazm7ftgdq7dzgabe6t0p3ngwhfnbw63v9xcyb16gnxvvyynr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k82fwaa71m9y1h8a1jzq5kdmv4t8ykfrfnxzfh6n4yjxrp63rfh96nj2h9aq9awdk26znkgx5y2jgt0xhf64wzayrgmtfx67qcqwypnpp4hpqzztdp2sbmqcy7qgf2a2s4bwc4c406w61pge3a8qkhvnvnjj3raxka4de3kqkpk6npdt266p1dekqyqhsrj9h8ck478mzgdvjjpzkqj7drznc55mxengzwgfy24r6q2ag3zwhgdyz6k8sdrhg7stkspfgjk1np73r4vsq0dcay0tg9ncgq8xtnnaz67c3xgza1d0g4x4qjvsacgaccedfbmfwj131xfegqtq85tzxqvwm6yp2x3mvkdqj8yznv2j7ck453c7pp84avq046eytx2rzwx5czd1wgm7p43vjzazm7ftgdq7dzgabe6t0p3ngwhfnbw63v9xcyb16gnxvvyynr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAUipAbcMb71y9mL1ATIGQlqiNd%2F391yJsH9TJYD7LW9eK5XnNOiiGyq1l4XJVJxI23T2bBCFuLCOifFkdkKg1Lb%2B1CVA3Q7YA9yfwlcJpvsR0qXfomwjJKj4pLdh9x9DqqgozAzA6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e9066cf630d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 746D 24 KB
10 KB 35ms
35ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k82fwaa71m9y1h8a1jzq5kdmv4t8ykfrfnxzfh6n4yjxrp63rfh96nj2h9aq9awdk26znkgx5y2jgt0xhf64wzayrgmtfx67qcqwypnpp4hpqzztdp2sbmqcy7qgf2a2s4bwc4c406w61pge3a8qkhvnvnjj3raxka4de3kqkpk6npdt266p1dekqyqhsrj9h8ck478mzgdvjjpzkqj7drznc55mxengzwgfy24r6q2ag3zwhgdyz6k8sdrhg7stkspfgjk1np73r4vsq0dcay0tg9ncgq8xtnnaz67c3xgza1d0g4x4qjvsacgaccedfbmfwj131xfegqtq85tzxqvwm6yp2x3mvkdqj8yznv2j7ck453c7pp84avq046eytx2rzwx5czd1wgm7p43vjzazm7ftgdq7dzgabe6t0p3ngwhfnbw63v9xcyb16gnxvvyynr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BGgxE916kpCWYUIL%2BiJ12p9fKxD3TIRffR8S0hQfPkyBF5DfXQCISH9W%2Fr5f5HrtsidSTDzqml4AOBXJ1jG%2BmLp2%2FAjk5f7jaYRzNyLvLnQCKSiJrKAVTp9s8ZfdAYiTiT1E%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e9066cf830d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3E6D 0
103 B 50ms
43ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIw4FbUSyExvLOkzCEizCvw&google_cver=1&google_push=AXcoOmQNpe7NQY_IwfQafgjoV1niDSEBOydTLCuMRZsnwbMizZZ8fE0YZBRU-T3OqzFi762yXxmuSJuynvB0oAgKKAtK2yebhso
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E6D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEERuGjBsDvuRcJkVPRqLHjQ&google_cver=1&google_push=AXcoOmQlPwht8TNEpyk6aQJyRew1_y1-u-ZWQwDgmKlYv1ZQ5d-3f58UUC5ykbxBLrfqqiFUl-8CkHD2mLA...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQlPwht8TNEpyk6aQJyRew1_y1-u-ZWQwDgmKlYv1ZQ5d-3f58UUC5ykbxBLrfqqiFUl-8CkHD2mLAluXtQRZvFoj2zvQ&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

170 B
188 B

35ms
34ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQlPwht8TNEpyk6aQJyRew1_y1-u-ZWQwDgmKlYv1ZQ5d-3f58UUC5ykbxBLrfqqiFUl-8CkHD2mLAluXtQRZvFoj2zvQ&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQlPwht8TNEpyk6aQJyRew1_y1-u-ZWQwDgmKlYv1ZQ5d-3f58UUC5ykbxBLrfqqiFUl-8CkHD2mLAluXtQRZvFoj2zvQ&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3E6D 43 B
363 B 119ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTl1B2d1TaxlNSKJ_dpilNEaxuSLY1qMVh6uhuMHB_kSIgnIhZxyzFV6K59u3eQzGc7_0_9RUdQQgD-oe14n4cybkqzZ1M&google_gid=CAESEJ4iSSQoaJHHN0xavaiyTjc&google_cver=1

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 223910
expires: Thu, 18 Jan 2024 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3E6D 43 B
94 B 37ms
31ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHNUSGq_UZhD0j96QJLbP3s&google_cver=1&google_push=AXcoOmTFz6ncJ5qrtm630RcxSzk-ohVpy4WyOmETOMBdPzXQ5c0hJUzLgdt_UyyCv9m8R7qCEDDFrUc7maEF-b0qZ-MMFa66g50
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E6D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOOLl4HdO6wk_HBVHDQL7mI&google_cver=1&google_push=AXcoOmTond2HQ0cvAZezObWCDcXGM2p356VoOj0sdc3Bop0wrIR4wfMTsJGstcvpCnBd69s5_tg...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLWVItVS0xS1Fa&google_push=AXcoOmTond2HQ0cvAZezObWCDcXGM2p356VoOj0sdc3Bop0wrIR4wfMTsJGstcvpCnBd69s5_tgXnolHtfWKBSi3od41pbydew

170 B
188 B

39ms
37ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLWVItVS0xS1Fa&google_push=AXcoOmTond2HQ0cvAZezObWCDcXGM2p356VoOj0sdc3Bop0wrIR4wfMTsJGstcvpCnBd69s5_tgXnolHtfWKBSi3od41pbydew

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKUTBLWVItVS0xS1Fa&google_push=AXcoOmTond2HQ0cvAZezObWCDcXGM2p356VoOj0sdc3Bop0wrIR4wfMTsJGstcvpCnBd69s5_tgXnolHtfWKBSi3od41pbydew
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E6D
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED2DOWHjVfeI3pmI13jmFC8&google_cver=1&google_push=AXcoOmQS_UUKObczfCJ7_6l9-bIcYtQir0j_3E2yqINl6Funwq28xdGMqHH8ARXtR7ATZPofAaBrRTBooXivb7oxSeBt7cXmF1s
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmQS_UUKObczfCJ7_6l9-bIcYtQir0j_3E2yqINl6Funwq28xdGM...

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmQS_UUKObczfCJ7_6l9-bIcYtQir0j_3E2yqINl6Funwq28xdGMqHH8ARXtR7ATZPofAaBrRTBooXivb7oxSeBt7cXmF1s

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmQS_UUKObczfCJ7_6l9-bIcYtQir0j_3E2yqINl6Funwq28xdGMqHH8ARXtR7ATZPofAaBrRTBooXivb7oxSeBt7cXmF1s
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 3E6D
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDClDqMGQj27EjQUuG4aV7E&google_cver=1&google_push=AXcoOmQrbsWIl0ptHZWFLnGJag-niB62S8osr5EOHLwtqcyenMgt10NdOHUcOAnVBJe9PCb5ygyAP81GoEG...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQrbsWIl0ptHZWFLnGJag-niB62S8osr5EOHLwtqcyenMgt10NdOHUcOAnVBJe9PCb5ygyAP81GoEGIrQMoZZmS5xiooTKv
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

23ms
21ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3E6D 0
12 B 35ms
31ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrIogQoRrCZi9RAzoY2BQYUkpWyNCkqKz6zZpt0PZVufmP2zeWWuHA3BGbuLURi4gXzU-6Nw

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame CF5D 35 B
463 B 109ms
39ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENFXm5tS3ln_HdDWkebrn_c&google_cver=1&google_push=AXcoOmTCptDURiAslC4LiSB7R4jC5EE28-OTsvwTAlyKl3sFXqQFYVKMzYpGJPEgxkZrYh45l3ZsWfdK2_E7-BNCMmvp9chH1rl8iA

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF5D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_push=AXcoOmSbuAw747GZbDI8-5YBs090Bx9yLeVV3s9tIX6E-iRcktuFx0xG1m...

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_push=AXcoOmSbuAw747GZbDI8-5YBs090Bx9yLeVV3s9tIX6E-iRcktuFx0xG1m06PalciNsJkqIC5xiA7ch1ioiCzz_YeMNZtkY8sVpf

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220028-FRA
pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1705613124.695454,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_push=AXcoOmSbuAw747GZbDI8-5YBs090Bx9yLeVV3s9tIX6E-iRcktuFx0xG1m06PalciNsJkqIC5xiA7ch1ioiCzz_YeMNZtkY8sVpf
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF5D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEM7lxsAL1oSQsAxMklFmW9U&google_cver=1&google_push=AXcoOmQRU2Lqh8F2KqNVucZ2CyCRyHvjHGigRRKmnAQogsb_HYTzSF9vaRrgjyx6RsozHXGudlaVCSjBSbh_5OE90P4_7g-H01Puzw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F20DEAF8D8DC4AA0B83A8CC34A47602A&google_push=AXcoOmQRU2Lqh8F2KqNVucZ2CyCRyHvjHGigRRKmnAQogsb_HYTzSF9vaRrgjyx6RsozHXGudlaVCSjBSbh_5OE...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F20DEAF8D8DC4AA0B83A8CC34A47602A&google_push=AXcoOmQRU2Lqh8F2KqNVucZ2CyCRyHvjHGigRRKmnAQogsb_HYTzSF9vaRrgjyx6RsozHXGudlaVCSjBSbh_5OE90P4_7g-H01Puzw

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Jan 2024 21:25:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F20DEAF8D8DC4AA0B83A8CC34A47602A&google_push=AXcoOmQRU2Lqh8F2KqNVucZ2CyCRyHvjHGigRRKmnAQogsb_HYTzSF9vaRrgjyx6RsozHXGudlaVCSjBSbh_5OE90P4_7g-H01Puzw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 17 Jan 2024 21:25:23 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CF5D 70 B
148 B 49ms
48ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPvYppI56wPxmhVAj9o35os&google_cver=1&google_push=AXcoOmS8vX2m7Pm7RFVWietNSS_hIQy8bMlxQxjpRV5wKLZTDFMXeuw8Ako1li4-VkoGbGTD4RZ7te29Q37JcVC-ophao3wH41qQ
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF5D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmQ92uSWt2EAxJf0NhP7eLlh8GAwAF9ESIl_GgoLi3EP9mS6sR82jWgNbrJLEsj-FInKo-lO_iEb...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmQ92uSWt2EAxJf0NhP7eLlh8GAwAF9ESIl_GgoLi3EP9mS6sR82jWgNbrJLEsj-FInKo-l...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmQ92uSWt2EAxJf0NhP7eLlh8GAwAF9ESIl_GgoLi3EP9mS6sR82jWgNbrJLEsj-FInKo-lO_i...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmQ92uSWt2EAxJf0NhP7eLlh8GAwAF9ESIl_GgoLi3EP9mS6sR82jWgNbrJLEsj-FInKo-lO_iEbNdiRTtkBZUdD3PKx5Jx1Qw

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmQ92uSWt2EAxJf0NhP7eLlh8GAwAF9ESIl_GgoLi3EP9mS6sR82jWgNbrJLEsj-FInKo-lO_iEbNdiRTtkBZUdD3PKx5Jx1Qw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame CF5D 0
236 B 120ms
50ms Image
text/plain 2600:9000:224a:3600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOSHm8XpEjK9VlPkJSEYpTU&google_cver=1&google_push=AXcoOmSUCbk7PcWXhWjS0al6s2FY28Iyb5JRW21GYbU2wTgGE-Ci5T8CXoszXh9Q__79stKE8AJA-F7jS56-UEl2DwC8OiNBw_V8qQ
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, must-revalidate
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: yPKNA92oNcQTD9_AznwW4YfxVnCuf-Ps_YkEnLy3nQEcsm6xRaqhiw==
x-cache: Miss from cloudfront

GET
H2 200 ebda
match.360yield.com/match/ Frame CF5D 43 B
199 B 184ms
43ms Image
image/gif 34.249.157.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESECHsTrxqAAXN3ypskPAKrAE&google_cver=1&google_push=AXcoOmTiBYrWvqAs-06WqwhEqKagAW7vpnUIz_7ibGiap6CxPF725iT3XV_36EsdIzIMqcq6sZ8_8w3YeHQjS0W767jrRyOYBeuCTw
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.157.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-157-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CF5D 0
12 B 32ms
32ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ku9j3QfgQbfFaz7yU4yaP-RN49jQyntV9eZfB94xXpk4-QP_PHWEdq-4BsKEnkmbJnNvJh

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame A25F 2 KB
3 KB 48ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h8pnxxp0v725nf0drkjesfq2hypgddh1pmjm6m6a132xmb962sa9ecnqfmhandkwe4br4mwvdb53mhvxcvrh4t7szymapg7bgdy40w7dffcm6mkn13fendbzxhdy64g0j7nfg8mfpttxr1zha3zcwew9dy84zcfqx46swyf6qa0vxn1jrd1sf0f55n06mfsx7chyb61d6a8g0akxqdkv26r0vnd5bjh8vk48b3weawa0sxfcm8z5dak713w9tef9eb99fekpw8rraevyh8jzq9e41dqnp8930eavan5813qjjpeg47dfp9mzmg5eypsz9c9h21jbfz2tkjhgjwjb2s0jsaqfk1670tph22c3ffk6v2ty7nawgfx0q7wapxe6073xpxyrk87d0t7t09bkaatc8523a1qr6tpepncw177xqfh64daw1w0prgn0kyzee8jzhz1dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cafb0d1bfff644a5a128db7c816c597d42ef730b0f5a30af6d0e4bed4dd5ec3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e906bd6030d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame EAA6 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4BD3 1 KB
643 B 22ms
20ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame EAA6 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EAA6 0
0 32ms
31ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRj8HARG2hJgbQzoLkJah52sEx6SIjzqSILs_122I2QO4U_KSGLvSHFb-OnYKm2PC6fGEOs0d5LJd9PrSwENQYzkKScqg
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EAA6 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAA6 206 KB
65 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 2FED 2 KB
3 KB 56ms
54ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ke86mf6dm70xvm7jqqxnb8nmcajh1x2pq7reyze8yr34stwmm2xznwm633q7tz3xq6qgnt6rdt4mk8vxz70jcxvt7qxbq199h8gbcv49rv0azyzcarfa4vn27z43h5398gw0pmq4t6z6p89m4ts487rteyepkhmr5x80n2y9sdameck9qm8phh3ssz858rehnzcqq01czaqd68te1v23s4tnzea2nhv9x72sp5gpy78w3pa3kcdf9e4h1y0zrr18p8r3etsdgh8wbwppe5v3d3t3h6v1cs4tjms1gf54qqw1336wyv1v493wttzc0d7q7z5fhpvq6c02ybjp9wn8fg7f8025pt40rprfgp22c9mnqdpesvwfnsyfbkqde20rk8s71xc9w38fzhsp8vpxk2ezjb7gesyh90x6rznb17j8272kz3a0qxegeasqjgpmqn615r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8be01a70682675269c526a5567af7e03adf127ae3e7a8ce81c04dac2f7c77e5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e906cd6830d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 31B4 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0781 1 KB
643 B 21ms
19ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 31B4 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 31B4 0
0 33ms
32ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5rUcBauzIFBliQhVGdbkvU5c45tqR_Qg7EnZM1VRGC2oceWYFvn3Ibp0OD-0DSH2ongd7L8cT5Y4atm4YhWLKxdCkSQ
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 31B4 24 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31B4 206 KB
65 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame B9DD 2 KB
3 KB 44ms
44ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gc66tg9cfq6j4pfazv716h1m5e0gdarh678z4qb88nrypsdndqfvgn5nh09kta5bgyjhpwn3mfvyq2p9fz33kf8axbv5b6k8q33y85ffgv4qnh6v4jcg7mgydq6wr70zdpq92sgqbtjmpbb60a03rb38915b5rcyv0ckms29ftsqvn2khhvtpb3gf5cnscdb7sfmws2zhvw0mrjds6x7dvh49qjgjy22t7evqfdmtnj0z4dws20kd68abwzjxe44yj0s4yn7et8pabq535wvs0d7wbz19hx119276vgxp3q3vf4d9086reqy8nd037jy1s3dcsc0h3fx7p5hf683v8kc5ezn5jfxkzzdmtreqbk3aapdp6r36bv7pp2edk98hwdbdb0w9fdybd71yhkq9ybrz5te6kaqpsd20pc53f0nqg8ayqqz3yk6hyg9eghka97pe1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4655a18b5bf12b5b4a64385faa037b6505df07961fa44457c99f00789e58a3d0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e906cd6e30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 87BE 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5CE1 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 87BE 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 87BE 0
0 32ms
32ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKKX1YWemH8AJ4bzvGPL-NmOOtWRYK7jhut_YLoR7OgnweoI-N6-hysfmh-xObj4hZlOZT2HOKSvMzhHhEoP0QPmSA8g
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 87BE 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87BE 206 KB
65 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame C61A 2 KB
3 KB 48ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j9jdgmc8n4040a457g2269cm40z3aaexatkn8s5ms7fdkbf4a48x700tdv39gcrf9hpbyxwk1pe7e6qpezq953f9vp9yxdwj2dxxekfrsmbjkx9jqxx79xasfbyxx9g6qjmv87fgmbyw5ra924kzrjx1fbagesysmqqm3h7b5h7dtzq10362jw7rx082es7y208842gc9dhd75e1racn5x5k024h52zn0rkvtyw8bwhcntpde70esx3bdsw9y4v8bge4jvvz4ehdt6t7zz6q2rc4wjs1pxm4rs6qtd1vkr0tvya0beqq615h04p0jgwky8c7xyrk83veqwre3k3jebebds3az63dxq3pbfjfke1fnwh9d080efgesjkwsmqgk3n5ew4ybzc5mwc7c4xv4856w1jyt6gkxmnjtcwd85cfym729t9et70ekhrd5g68wyvw2yrkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f0d9d88416091ea5abea9e8b75e2de54f565a9e72a080b4265de8f5d2549b7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e906dd7630d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 1959 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6563 1 KB
643 B 25ms
23ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 1959 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1959 0
0 33ms
31ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQntyuZGjXXXCqhjnLvcT1ndJct6tm0fVYQisfmPBghsaWHobwexFF_DWTpzeQH42Rd0teDR7ZAUyC6qbLKyotiNiFHHA
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1959 24 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1959 206 KB
65 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A6B7 115 KB
14 KB 38ms
35ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1je340jfd228zvnf0q95ga1ft02vnq4z8fq0ykmcwnj0mbxgxe3kysqeszd6exnb87ysqky0z8fzdskeq84ecve03k57ffd57zd65q08ebm5vfg4jkgbq421enfwaz2kvq5n5yjw7dk1wja8cmewa6f7knpveqz3kvsfwfrmmdg1mg688nffz0ecbrn699jb76w4fhanf7sbp6km6dfk2jtrdf1cqgns948cp3b3shgfej0528aq2pqejtmsb5cyetjt280gf8ryd72tavfdmft3wb28ep35p5et7npbypmtx6ytb0caqt20kt83s4bbrn4w7vs45ee0y3jgq7ra0r39gpxz33qbwb6aw4ye36afk9fdtrdhydgs84y58ysjqpxvdz4nz5njrg3f08xmnq39qdwyj58zfdppf0f80vbwa7wpnp3k0sqmzt30x2hrneczbdyj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1je340jfd228zvnf0q95ga1ft02vnq4z8fq0ykmcwnj0mbxgxe3kysqeszd6exnb87ysqky0z8fzdskeq84ecve03k57ffd57zd65q08ebm5vfg4jkgbq421enfwaz2kvq5n5yjw7dk1wja8cmewa6f7knpveqz3kvsfwfrmmdg1mg688nffz0ecbrn699jb76w4fhanf7sbp6km6dfk2jtrdf1cqgns948cp3b3shgfej0528aq2pqejtmsb5cyetjt280gf8ryd72tavfdmft3wb28ep35p5et7npbypmtx6ytb0caqt20kt83s4bbrn4w7vs45ee0y3jgq7ra0r39gpxz33qbwb6aw4ye36afk9fdtrdhydgs84y58ysjqpxvdz4nz5njrg3f08xmnq39qdwyj58zfdppf0f80vbwa7wpnp3k0sqmzt30x2hrneczbdyj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3ukk%2FNCkmDJVIYHWSUFXZcXfjlW0iT2ATQlfLy8tFw6r9D%2FpKOiM0ZoQfC%2B%2BZWEkWCrZ0%2BqLQrnrRFvLS7Mz9fZMSefwu9z5S50jBxyqLQC%2BNPe6EAbdVx%2BRew4UgVR8rlaWE1H%2Bd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e906fd8c30d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame A6B7 24 KB
10 KB 40ms
37ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1je340jfd228zvnf0q95ga1ft02vnq4z8fq0ykmcwnj0mbxgxe3kysqeszd6exnb87ysqky0z8fzdskeq84ecve03k57ffd57zd65q08ebm5vfg4jkgbq421enfwaz2kvq5n5yjw7dk1wja8cmewa6f7knpveqz3kvsfwfrmmdg1mg688nffz0ecbrn699jb76w4fhanf7sbp6km6dfk2jtrdf1cqgns948cp3b3shgfej0528aq2pqejtmsb5cyetjt280gf8ryd72tavfdmft3wb28ep35p5et7npbypmtx6ytb0caqt20kt83s4bbrn4w7vs45ee0y3jgq7ra0r39gpxz33qbwb6aw4ye36afk9fdtrdhydgs84y58ysjqpxvdz4nz5njrg3f08xmnq39qdwyj58zfdppf0f80vbwa7wpnp3k0sqmzt30x2hrneczbdyj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P67QyMMjciYX0PIe1jCorktvQ6NtJ%2BFuqmkmEDts6257JBtdrDyJNh77%2BZPTyHqK0KwapMsjgFGThRgYNdgPyLWBpQFTiYNDkTL32HVNgJosKKG8PFqPyFABHnf%2F%2BAw4CdXLGAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e906fd8d30d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2773 115 KB
14 KB 46ms
43ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jsqdqm9ee35ee3gz890c88g4qt219rmksvyhd7skyt4x5vwc7v6kcst7psk0hj8q17awpfcxbgvamxptdtcce5h9be70bh9dq0zc5s6xbwyy73dfea3d8ge91vn49f8efcfyenmksksevha0nh8qwgwk84b39qngy58dq0nbnckfeznkcsx9d92pfsrassqx5d84y9v5j030d13retra42xcnsgb963akq3j590ad3a08vzmy0zqh0px55vp0ey61g28a6svf2kz40rab5yynvtdtdx8h6s9c00eagcb30njjnbp4s0pndrcye7t849gdepb2r1hnnzse08rdftrx7x92zj9k7pv34xbrn1e1gbjv5kafs01paeykvc4k7q4jymb6vyfevhm48ak7dxqpah4q17v8c3hjkx003mgtseczxj4yk1spqz2pw36r48sm2pwk41&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jsqdqm9ee35ee3gz890c88g4qt219rmksvyhd7skyt4x5vwc7v6kcst7psk0hj8q17awpfcxbgvamxptdtcce5h9be70bh9dq0zc5s6xbwyy73dfea3d8ge91vn49f8efcfyenmksksevha0nh8qwgwk84b39qngy58dq0nbnckfeznkcsx9d92pfsrassqx5d84y9v5j030d13retra42xcnsgb963akq3j590ad3a08vzmy0zqh0px55vp0ey61g28a6svf2kz40rab5yynvtdtdx8h6s9c00eagcb30njjnbp4s0pndrcye7t849gdepb2r1hnnzse08rdftrx7x92zj9k7pv34xbrn1e1gbjv5kafs01paeykvc4k7q4jymb6vyfevhm48ak7dxqpah4q17v8c3hjkx003mgtseczxj4yk1spqz2pw36r48sm2pwk41&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJknXL2Yk6cmO7Q8M4DKRD3QnCQN9ld2sGjJlepNFct2VypRFtdPiIGGbauK2vniGj3rPslS0hJRRKrTJSV6NjP1t%2Bs%2BHAKwHlXfzm4y3%2B9WKYsTx0Wt0cVI1dX4w2zs5KwNkgpvAxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e906fd8f30d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 2773 24 KB
10 KB 38ms
34ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jsqdqm9ee35ee3gz890c88g4qt219rmksvyhd7skyt4x5vwc7v6kcst7psk0hj8q17awpfcxbgvamxptdtcce5h9be70bh9dq0zc5s6xbwyy73dfea3d8ge91vn49f8efcfyenmksksevha0nh8qwgwk84b39qngy58dq0nbnckfeznkcsx9d92pfsrassqx5d84y9v5j030d13retra42xcnsgb963akq3j590ad3a08vzmy0zqh0px55vp0ey61g28a6svf2kz40rab5yynvtdtdx8h6s9c00eagcb30njjnbp4s0pndrcye7t849gdepb2r1hnnzse08rdftrx7x92zj9k7pv34xbrn1e1gbjv5kafs01paeykvc4k7q4jymb6vyfevhm48ak7dxqpah4q17v8c3hjkx003mgtseczxj4yk1spqz2pw36r48sm2pwk41&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQ33UM%2BoqSNqydgrxl%2BeYYN0m87zRqo%2B8LpWIrNOYWP037lQ1TqiOB%2Fa7FoEDgfm28Lz6AWehRlDCs0Q3WqI5dAYZXC0PXhDXNtEw7Q0fv6RZHvqBOaEicYTrKNlgBJj%2BgTnUBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e906fd9030d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame B11B 2 KB
3 KB 50ms
47ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k58n4ke2fskstdqka0wk8f3stts72mdzqgywxgrvhcvmvh0jkv44e88a49x6k4dy6mmfsg761m1btcppj33tmq92kr6qqh0gsm5mt4vpjz7g9sxvyb4krtvf083gpzpbm4zp1t3dpg9nmxhmb97mp8ekfyhv8r9qrt1x78kmdk0q07tf186jx5aemcft45mstdy0xbrk63qwzrjszzh5kec8qg66hwmpgtgxt22maaqs4c52hax0w0q0jw6z7ez2wewjf4ek9vnznhg2hnbdxk4y3p19520ffajz5h0exvxxagd2aqjythhw33d6jqxytasqc3rjygrw9qaqf7a38pxa41pr6m7zsvftsz3dgnbnwt9smnkf59qw4p9evp70vk4megm4yav69m0t0q0t4gfgdaktdhjdshxkx2r7msw04rn0aartjsh326bb4akwedbp4455m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLq2QpepZemdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0ILqF87FdOOwwc69UoYwi65WIrwMt9Ev5dBLeK149nf7xaqemVLoSZNnuyWyKK5VEyH8-I9wFMaU62ApUnrVyz1ENo7QqSLuu0pn7rarSKmMTsdaokQK670W92Qb_g7NvAR-HLFFkOCvBChey65h50s7nKwaW4vffnxczSywO3B1XzoWp_GKpGAiv9kW7CooZaT4EQ8QrrAs6s0Ef0w-Bl7iCEEEocA81t5BaCTH8gzGsmIQ6CMoCRVmJzbYyjJfuTaoDDnvqZi0mpLOtuCp9J8CPkWEGuoD13JIdAJxnfpIOv8AxtMPor_nmXp-jEvwPe-0noGhMVPJGHB6QGSIv_mjTOuzkMzr4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwihgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0f5NF168n8YAsfziiNEpoRfW7vHw%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd0e2d6e571ef909917095b234a8983e8314a4bd86d3cd49fd9cff813edc4641

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e906fd9330d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame D921 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1F26 1 KB
643 B 25ms
22ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame D921 20 KB
8 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D921 0
0 31ms
28ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQUIn2ZpdHmXCx8AKbr3OZfNzxrxdiGTep7-R7YfVqi3tpYUNIuc2pnVx3QC2HUS2prkHdQAaB6ZjnK_9y0jwc0WypIw
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D921 24 KB
6 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D921 206 KB
65 KB 98ms
96ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
DATA 200
OK truncated
/ Frame EBBD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c05c54aa15d874022336a592693c3e3cc6aea79a86a50bd03193ec4aaf1f9e93

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B111 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f07cc098907fa64c4d6fd736ed406668edf93905ff6b038470cdd544f675bc29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 87EA 2 KB
3 KB 51ms
49ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jcc5hcpqznnv7mjsj4mx01wzdn22jes4x30x28ddwtrvrjhaxadamy9c3n4pxnx4yfyw9f05q6n65xzmjqveyrckfcbyrzd5xnwp6fehd6127cyzqbx4m7rspmxctgnx0x2phzmvwcqq7qqj35kv21d602fm8t7h6hd1xmjq0bzm2bejhnrpp4rtyxes123grtfktnaybnfwtm5681vbek44wck9ykb618jd4y4dp14ctzx68pgf677bmde26p7shdnxandbcpzaw1hsz90p1jtykkt4cjqp6cm5vgj9fecmf15kmhfnm0t22g9g1e3p4jd9msk53xcch7rwm93p7ejqqa2jbhan3h6p8w8rsvb3swh0f9bg8xwv7q3gey65q6tn03btedyv0zreye6cqcfnmsp0et1f4k07rsw2a21gncqtd3zaj205mhaqshvvd7xedfd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%26num%3D1%26sig%3DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

550bd676776eb6066ff0e70ceef5deadd10a64646530a69eaa475d623755044a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e9072dbf30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 8C20 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A904 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 8C20 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8C20 0
0 31ms
29ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDc9X_aNkZtUCNpSdHpqtkJFeOoKXlbzAtzRbETVw6ZfC8tzEPnha_ZOuvcU0ADBc5GHeORq65nGfqW1RJ1x-EdwGgQw
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8C20 24 KB
6 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C20 206 KB
65 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:23 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 746D 350 B
914 B 34ms
34ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5130370
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EYLwFdLDbyugK101e%2BvjTOeF2aqbjMMS1GY2KNvtBdFOBaE%2FGCdcdszrNscjlMKARGLKkFwovbRaeGVZAug1NNXDm3lEIeRqCDb9XbxfycqeFlhpo4wNVjFamb%2FsYS8nZNu%2BwAa%2Fl3chxsafeDDW0yI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90749403610-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A25F 115 KB
14 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h8pnxxp0v725nf0drkjesfq2hypgddh1pmjm6m6a132xmb962sa9ecnqfmhandkwe4br4mwvdb53mhvxcvrh4t7szymapg7bgdy40w7dffcm6mkn13fendbzxhdy64g0j7nfg8mfpttxr1zha3zcwew9dy84zcfqx46swyf6qa0vxn1jrd1sf0f55n06mfsx7chyb61d6a8g0akxqdkv26r0vnd5bjh8vk48b3weawa0sxfcm8z5dak713w9tef9eb99fekpw8rraevyh8jzq9e41dqnp8930eavan5813qjjpeg47dfp9mzmg5eypsz9c9h21jbfz2tkjhgjwjb2s0jsaqfk1670tph22c3ffk6v2ty7nawgfx0q7wapxe6073xpxyrk87d0t7t09bkaatc8523a1qr6tpepncw177xqfh64daw1w0prgn0kyzee8jzhz1dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h8pnxxp0v725nf0drkjesfq2hypgddh1pmjm6m6a132xmb962sa9ecnqfmhandkwe4br4mwvdb53mhvxcvrh4t7szymapg7bgdy40w7dffcm6mkn13fendbzxhdy64g0j7nfg8mfpttxr1zha3zcwew9dy84zcfqx46swyf6qa0vxn1jrd1sf0f55n06mfsx7chyb61d6a8g0akxqdkv26r0vnd5bjh8vk48b3weawa0sxfcm8z5dak713w9tef9eb99fekpw8rraevyh8jzq9e41dqnp8930eavan5813qjjpeg47dfp9mzmg5eypsz9c9h21jbfz2tkjhgjwjb2s0jsaqfk1670tph22c3ffk6v2ty7nawgfx0q7wapxe6073xpxyrk87d0t7t09bkaatc8523a1qr6tpepncw177xqfh64daw1w0prgn0kyzee8jzhz1dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3zh3BtHhRZdViUyD4zASeUX92FkVEIBkxkmQi1eNlUIX7UsngTQ4328pkOz3i7gMltldvRUwYk%2FzlUfM8834Nq%2BzG2QCg9q%2FOZsuBcCXK0p4QiuwEo%2Fz9H1ncR5qGtiuyHdVd7LELs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e9074dd130d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame A25F 24 KB
10 KB 39ms
39ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h8pnxxp0v725nf0drkjesfq2hypgddh1pmjm6m6a132xmb962sa9ecnqfmhandkwe4br4mwvdb53mhvxcvrh4t7szymapg7bgdy40w7dffcm6mkn13fendbzxhdy64g0j7nfg8mfpttxr1zha3zcwew9dy84zcfqx46swyf6qa0vxn1jrd1sf0f55n06mfsx7chyb61d6a8g0akxqdkv26r0vnd5bjh8vk48b3weawa0sxfcm8z5dak713w9tef9eb99fekpw8rraevyh8jzq9e41dqnp8930eavan5813qjjpeg47dfp9mzmg5eypsz9c9h21jbfz2tkjhgjwjb2s0jsaqfk1670tph22c3ffk6v2ty7nawgfx0q7wapxe6073xpxyrk87d0t7t09bkaatc8523a1qr6tpepncw177xqfh64daw1w0prgn0kyzee8jzhz1dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEwK7MwUY1YMAQTk6%2BjQZJKFQ6cszmAqWWfBkCHDyzi%2FiwOdqAMfDVaYAuAm0dIbzfTZTWn61R5nazASym%2FiqrcrOVPyUt0GkGj1PpLy3JTnZLGbx6WE%2BKBFKWJMclO2GYXF2T0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e9074dd230d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B9DD 115 KB
14 KB 39ms
39ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gc66tg9cfq6j4pfazv716h1m5e0gdarh678z4qb88nrypsdndqfvgn5nh09kta5bgyjhpwn3mfvyq2p9fz33kf8axbv5b6k8q33y85ffgv4qnh6v4jcg7mgydq6wr70zdpq92sgqbtjmpbb60a03rb38915b5rcyv0ckms29ftsqvn2khhvtpb3gf5cnscdb7sfmws2zhvw0mrjds6x7dvh49qjgjy22t7evqfdmtnj0z4dws20kd68abwzjxe44yj0s4yn7et8pabq535wvs0d7wbz19hx119276vgxp3q3vf4d9086reqy8nd037jy1s3dcsc0h3fx7p5hf683v8kc5ezn5jfxkzzdmtreqbk3aapdp6r36bv7pp2edk98hwdbdb0w9fdybd71yhkq9ybrz5te6kaqpsd20pc53f0nqg8ayqqz3yk6hyg9eghka97pe1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gc66tg9cfq6j4pfazv716h1m5e0gdarh678z4qb88nrypsdndqfvgn5nh09kta5bgyjhpwn3mfvyq2p9fz33kf8axbv5b6k8q33y85ffgv4qnh6v4jcg7mgydq6wr70zdpq92sgqbtjmpbb60a03rb38915b5rcyv0ckms29ftsqvn2khhvtpb3gf5cnscdb7sfmws2zhvw0mrjds6x7dvh49qjgjy22t7evqfdmtnj0z4dws20kd68abwzjxe44yj0s4yn7et8pabq535wvs0d7wbz19hx119276vgxp3q3vf4d9086reqy8nd037jy1s3dcsc0h3fx7p5hf683v8kc5ezn5jfxkzzdmtreqbk3aapdp6r36bv7pp2edk98hwdbdb0w9fdybd71yhkq9ybrz5te6kaqpsd20pc53f0nqg8ayqqz3yk6hyg9eghka97pe1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=946gDwGfloamtmjvQc6o030n9xtZ%2B%2FIVsbIOc3hT8Eo4NDIPlP%2B5j%2FyANa%2FjFYoR6wRgSxMf%2Bh0bY7KqxeUHd77TQXvJEBLsdjiLfFuCwJLlAx2th3xRWF%2BUxrjjqtRMvy%2F9WEXBgxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e9075dd830d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame B9DD 24 KB
10 KB 34ms
34ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gc66tg9cfq6j4pfazv716h1m5e0gdarh678z4qb88nrypsdndqfvgn5nh09kta5bgyjhpwn3mfvyq2p9fz33kf8axbv5b6k8q33y85ffgv4qnh6v4jcg7mgydq6wr70zdpq92sgqbtjmpbb60a03rb38915b5rcyv0ckms29ftsqvn2khhvtpb3gf5cnscdb7sfmws2zhvw0mrjds6x7dvh49qjgjy22t7evqfdmtnj0z4dws20kd68abwzjxe44yj0s4yn7et8pabq535wvs0d7wbz19hx119276vgxp3q3vf4d9086reqy8nd037jy1s3dcsc0h3fx7p5hf683v8kc5ezn5jfxkzzdmtreqbk3aapdp6r36bv7pp2edk98hwdbdb0w9fdybd71yhkq9ybrz5te6kaqpsd20pc53f0nqg8ayqqz3yk6hyg9eghka97pe1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4G8zMoMVoiH1kFdQyD9lsZZydQQ6aRkGj%2FWXeFiGmAjX03Mjf1wzTomArzs5YQnjz5idEFdH0o38kW9cRo4Aetmhc7lS8chSmPL%2Byhg9zN1DVQmclEwReUz%2FKuMN6cuGj6v%2FOIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e9075dda30d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2FED 115 KB
14 KB 37ms
37ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ke86mf6dm70xvm7jqqxnb8nmcajh1x2pq7reyze8yr34stwmm2xznwm633q7tz3xq6qgnt6rdt4mk8vxz70jcxvt7qxbq199h8gbcv49rv0azyzcarfa4vn27z43h5398gw0pmq4t6z6p89m4ts487rteyepkhmr5x80n2y9sdameck9qm8phh3ssz858rehnzcqq01czaqd68te1v23s4tnzea2nhv9x72sp5gpy78w3pa3kcdf9e4h1y0zrr18p8r3etsdgh8wbwppe5v3d3t3h6v1cs4tjms1gf54qqw1336wyv1v493wttzc0d7q7z5fhpvq6c02ybjp9wn8fg7f8025pt40rprfgp22c9mnqdpesvwfnsyfbkqde20rk8s71xc9w38fzhsp8vpxk2ezjb7gesyh90x6rznb17j8272kz3a0qxegeasqjgpmqn615r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ke86mf6dm70xvm7jqqxnb8nmcajh1x2pq7reyze8yr34stwmm2xznwm633q7tz3xq6qgnt6rdt4mk8vxz70jcxvt7qxbq199h8gbcv49rv0azyzcarfa4vn27z43h5398gw0pmq4t6z6p89m4ts487rteyepkhmr5x80n2y9sdameck9qm8phh3ssz858rehnzcqq01czaqd68te1v23s4tnzea2nhv9x72sp5gpy78w3pa3kcdf9e4h1y0zrr18p8r3etsdgh8wbwppe5v3d3t3h6v1cs4tjms1gf54qqw1336wyv1v493wttzc0d7q7z5fhpvq6c02ybjp9wn8fg7f8025pt40rprfgp22c9mnqdpesvwfnsyfbkqde20rk8s71xc9w38fzhsp8vpxk2ezjb7gesyh90x6rznb17j8272kz3a0qxegeasqjgpmqn615r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE%2FUJz3dqIprWW8GZOezD6pVFRkZ9%2B2M50TvjP2EgIJb2yYVr5sJgZR%2Frhu89Ss1Ib53cgYi4DgTS1Z%2FX8RQAQ%2B8ZZNlWcwY1S2Eol1bMNcTYJ0qL4fp3pIUMqjGnCHX0M5vMLW%2BIYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e9075de030d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 2FED 24 KB
10 KB 44ms
44ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ke86mf6dm70xvm7jqqxnb8nmcajh1x2pq7reyze8yr34stwmm2xznwm633q7tz3xq6qgnt6rdt4mk8vxz70jcxvt7qxbq199h8gbcv49rv0azyzcarfa4vn27z43h5398gw0pmq4t6z6p89m4ts487rteyepkhmr5x80n2y9sdameck9qm8phh3ssz858rehnzcqq01czaqd68te1v23s4tnzea2nhv9x72sp5gpy78w3pa3kcdf9e4h1y0zrr18p8r3etsdgh8wbwppe5v3d3t3h6v1cs4tjms1gf54qqw1336wyv1v493wttzc0d7q7z5fhpvq6c02ybjp9wn8fg7f8025pt40rprfgp22c9mnqdpesvwfnsyfbkqde20rk8s71xc9w38fzhsp8vpxk2ezjb7gesyh90x6rznb17j8272kz3a0qxegeasqjgpmqn615r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfN4BbXrTvpreMWbMFlmBVHlONBHV93JLky0IORqPrxykOtDA3WbnJ64FTQP1Kcd%2Bjb8QCpLpYJqpajct0YEwauxgghAbPnjhd0D%2BFZqk%2F%2FHrC6UJdN5RlhdU3Endd9qJpI7Xwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e9075de130d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C61A 115 KB
14 KB 40ms
40ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j9jdgmc8n4040a457g2269cm40z3aaexatkn8s5ms7fdkbf4a48x700tdv39gcrf9hpbyxwk1pe7e6qpezq953f9vp9yxdwj2dxxekfrsmbjkx9jqxx79xasfbyxx9g6qjmv87fgmbyw5ra924kzrjx1fbagesysmqqm3h7b5h7dtzq10362jw7rx082es7y208842gc9dhd75e1racn5x5k024h52zn0rkvtyw8bwhcntpde70esx3bdsw9y4v8bge4jvvz4ehdt6t7zz6q2rc4wjs1pxm4rs6qtd1vkr0tvya0beqq615h04p0jgwky8c7xyrk83veqwre3k3jebebds3az63dxq3pbfjfke1fnwh9d080efgesjkwsmqgk3n5ew4ybzc5mwc7c4xv4856w1jyt6gkxmnjtcwd85cfym729t9et70ekhrd5g68wyvw2yrkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j9jdgmc8n4040a457g2269cm40z3aaexatkn8s5ms7fdkbf4a48x700tdv39gcrf9hpbyxwk1pe7e6qpezq953f9vp9yxdwj2dxxekfrsmbjkx9jqxx79xasfbyxx9g6qjmv87fgmbyw5ra924kzrjx1fbagesysmqqm3h7b5h7dtzq10362jw7rx082es7y208842gc9dhd75e1racn5x5k024h52zn0rkvtyw8bwhcntpde70esx3bdsw9y4v8bge4jvvz4ehdt6t7zz6q2rc4wjs1pxm4rs6qtd1vkr0tvya0beqq615h04p0jgwky8c7xyrk83veqwre3k3jebebds3az63dxq3pbfjfke1fnwh9d080efgesjkwsmqgk3n5ew4ybzc5mwc7c4xv4856w1jyt6gkxmnjtcwd85cfym729t9et70ekhrd5g68wyvw2yrkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFus75ojgJCiry%2BDVetUWedWXukBow6cDz1oMCTqnUKJZKyIjjfb%2FCUKS1plmcMmuPv6JKQk4nr2ZPv59SIli8T2r%2FdIsTjITataz%2BBwAwQonJnkEHQDmyOVF4BTE9kbZ9rNhIt9U2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e9076deb30d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame C61A 24 KB
10 KB 42ms
41ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j9jdgmc8n4040a457g2269cm40z3aaexatkn8s5ms7fdkbf4a48x700tdv39gcrf9hpbyxwk1pe7e6qpezq953f9vp9yxdwj2dxxekfrsmbjkx9jqxx79xasfbyxx9g6qjmv87fgmbyw5ra924kzrjx1fbagesysmqqm3h7b5h7dtzq10362jw7rx082es7y208842gc9dhd75e1racn5x5k024h52zn0rkvtyw8bwhcntpde70esx3bdsw9y4v8bge4jvvz4ehdt6t7zz6q2rc4wjs1pxm4rs6qtd1vkr0tvya0beqq615h04p0jgwky8c7xyrk83veqwre3k3jebebds3az63dxq3pbfjfke1fnwh9d080efgesjkwsmqgk3n5ew4ybzc5mwc7c4xv4856w1jyt6gkxmnjtcwd85cfym729t9et70ekhrd5g68wyvw2yrkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkkeDs5e3E%2Fp%2FWgVDgwe33j4K7q4bdf%2Fj%2F0%2F17XMNJ%2BJ6ivCFFn0KrwFt4UuZQHGwApU2VPpS9AJrZcDzuCazrZlSpPuGfDq9YDCg4jYUtivniv9y9MOfISDlmqIa3CRhATyNvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e9076dec30d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 17CA 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClzJBQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quaS1Ck8dHgTUYyY-6ZRnH2ynqrjmQoPFxbw7gJQjpSjtIfxRLH544AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwOACgP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=F23pAPGbTnE&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 17CA 0
11 B 33ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kj0f6sy5158nnh3c343c94fm68a3ykzsfrgchzhd3r5gaafvehmxq2ct6s88g4mq9894kj8q93704eyzqaem5famx4vjdxgzbn1m8jq8z6nae9p41kjc78sxg75cvgvqezhfdj2spmrqvsb7bf47cffy6qktc56t30229aemeynrw2660jqyt96q9mgr949dppv94719hza9hxgfgtvn9qjy6mgzef28hw2q0a0dsvgcnr045818272xvd8bbq8hxnchwh8hhzw3wqt1h6gp2ecm25f3xm2z9129eq87q974zn5e819nsk4ag2kx69ptt29jm303hg5482cnxhckfzjy0qwcdnpbnatw49e6z97em757v13b1kkmqt6sytvmxg75q14vv0p0v8&b=ZamXQgAKTuAH_ZzQAAqLmDKNqd-lErMKpMb9dA&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B11B 115 KB
14 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k58n4ke2fskstdqka0wk8f3stts72mdzqgywxgrvhcvmvh0jkv44e88a49x6k4dy6mmfsg761m1btcppj33tmq92kr6qqh0gsm5mt4vpjz7g9sxvyb4krtvf083gpzpbm4zp1t3dpg9nmxhmb97mp8ekfyhv8r9qrt1x78kmdk0q07tf186jx5aemcft45mstdy0xbrk63qwzrjszzh5kec8qg66hwmpgtgxt22maaqs4c52hax0w0q0jw6z7ez2wewjf4ek9vnznhg2hnbdxk4y3p19520ffajz5h0exvxxagd2aqjythhw33d6jqxytasqc3rjygrw9qaqf7a38pxa41pr6m7zsvftsz3dgnbnwt9smnkf59qw4p9evp70vk4megm4yav69m0t0q0t4gfgdaktdhjdshxkx2r7msw04rn0aartjsh326bb4akwedbp4455m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLq2QpepZemdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0ILqF87FdOOwwc69UoYwi65WIrwMt9Ev5dBLeK149nf7xaqemVLoSZNnuyWyKK5VEyH8-I9wFMaU62ApUnrVyz1ENo7QqSLuu0pn7rarSKmMTsdaokQK670W92Qb_g7NvAR-HLFFkOCvBChey65h50s7nKwaW4vffnxczSywO3B1XzoWp_GKpGAiv9kW7CooZaT4EQ8QrrAs6s0Ef0w-Bl7iCEEEocA81t5BaCTH8gzGsmIQ6CMoCRVmJzbYyjJfuTaoDDnvqZi0mpLOtuCp9J8CPkWEGuoD13JIdAJxnfpIOv8AxtMPor_nmXp-jEvwPe-0noGhMVPJGHB6QGSIv_mjTOuzkMzr4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwihgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0f5NF168n8YAsfziiNEpoRfW7vHw%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k58n4ke2fskstdqka0wk8f3stts72mdzqgywxgrvhcvmvh0jkv44e88a49x6k4dy6mmfsg761m1btcppj33tmq92kr6qqh0gsm5mt4vpjz7g9sxvyb4krtvf083gpzpbm4zp1t3dpg9nmxhmb97mp8ekfyhv8r9qrt1x78kmdk0q07tf186jx5aemcft45mstdy0xbrk63qwzrjszzh5kec8qg66hwmpgtgxt22maaqs4c52hax0w0q0jw6z7ez2wewjf4ek9vnznhg2hnbdxk4y3p19520ffajz5h0exvxxagd2aqjythhw33d6jqxytasqc3rjygrw9qaqf7a38pxa41pr6m7zsvftsz3dgnbnwt9smnkf59qw4p9evp70vk4megm4yav69m0t0q0t4gfgdaktdhjdshxkx2r7msw04rn0aartjsh326bb4akwedbp4455m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLq2QpepZemdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0ILqF87FdOOwwc69UoYwi65WIrwMt9Ev5dBLeK149nf7xaqemVLoSZNnuyWyKK5VEyH8-I9wFMaU62ApUnrVyz1ENo7QqSLuu0pn7rarSKmMTsdaokQK670W92Qb_g7NvAR-HLFFkOCvBChey65h50s7nKwaW4vffnxczSywO3B1XzoWp_GKpGAiv9kW7CooZaT4EQ8QrrAs6s0Ef0w-Bl7iCEEEocA81t5BaCTH8gzGsmIQ6CMoCRVmJzbYyjJfuTaoDDnvqZi0mpLOtuCp9J8CPkWEGuoD13JIdAJxnfpIOv8AxtMPor_nmXp-jEvwPe-0noGhMVPJGHB6QGSIv_mjTOuzkMzr4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwihgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0f5NF168n8YAsfziiNEpoRfW7vHw%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXQcQCAVHeJNpOfhZ6XEgS%2Fad0G91v%2FjMopve%2FrW3sRcGVILX%2FaZyXqFRAG8DLlD4EZcK9yZW3zHyXPuQYVpMeD%2FS4KhJijdjsLYa5xGO%2BZoENQKzkMBUP%2B2O2Sykn%2FidRNts5HXf90%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e9078dfe30d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame B11B 24 KB
10 KB 33ms
33ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k58n4ke2fskstdqka0wk8f3stts72mdzqgywxgrvhcvmvh0jkv44e88a49x6k4dy6mmfsg761m1btcppj33tmq92kr6qqh0gsm5mt4vpjz7g9sxvyb4krtvf083gpzpbm4zp1t3dpg9nmxhmb97mp8ekfyhv8r9qrt1x78kmdk0q07tf186jx5aemcft45mstdy0xbrk63qwzrjszzh5kec8qg66hwmpgtgxt22maaqs4c52hax0w0q0jw6z7ez2wewjf4ek9vnznhg2hnbdxk4y3p19520ffajz5h0exvxxagd2aqjythhw33d6jqxytasqc3rjygrw9qaqf7a38pxa41pr6m7zsvftsz3dgnbnwt9smnkf59qw4p9evp70vk4megm4yav69m0t0q0t4gfgdaktdhjdshxkx2r7msw04rn0aartjsh326bb4akwedbp4455m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLq2QpepZemdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0ILqF87FdOOwwc69UoYwi65WIrwMt9Ev5dBLeK149nf7xaqemVLoSZNnuyWyKK5VEyH8-I9wFMaU62ApUnrVyz1ENo7QqSLuu0pn7rarSKmMTsdaokQK670W92Qb_g7NvAR-HLFFkOCvBChey65h50s7nKwaW4vffnxczSywO3B1XzoWp_GKpGAiv9kW7CooZaT4EQ8QrrAs6s0Ef0w-Bl7iCEEEocA81t5BaCTH8gzGsmIQ6CMoCRVmJzbYyjJfuTaoDDnvqZi0mpLOtuCp9J8CPkWEGuoD13JIdAJxnfpIOv8AxtMPor_nmXp-jEvwPe-0noGhMVPJGHB6QGSIv_mjTOuzkMzr4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwihgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0f5NF168n8YAsfziiNEpoRfW7vHw%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIMy2Vn%2BYDu2EPQTsmJDmM8eyDkfHDC5Lb7wPwVSAxP5AH7mxOa9yVIClRN24V2%2FX9%2FatjO2J2JjbaSUhgzeqgehQp%2Bo26%2BiRuuPWBh%2BmtYtc8xxm8HtwSw1bAPTxEMW3rN71JE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e9078e0030d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
DATA 200
OK truncated
/ Frame EAA6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1065ec598bc710a1f1207875c7ca55fc36320df50754bdf3b5c10a1fbf23560

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4BD3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sk5rc2xKMmQxUnF6VDU1&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTb1kuHOz3F3KAL7WSqMB5mLuCe7azQPQWX6S2zllS...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sk5rc2xKMmQxUnF6VDU1&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTb1kuHOz3F3KAL7WSqMB5mLuCe7azQPQWX6S2zllS3BQMUq8SIgVXx1hNyaA5-YZH37yvkmjg_lr6pCLjahi81O3ISTx5czg

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 21:25:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sk5rc2xKMmQxUnF6VDU1&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTb1kuHOz3F3KAL7WSqMB5mLuCe7azQPQWX6S2zllS3BQMUq8SIgVXx1hNyaA5-YZH37yvkmjg_lr6pCLjahi81O3ISTx5czg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4BD3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEERuGjBsDvuRcJkVPRqLHjQ&google_cver=1&google_push=AXcoOmRxZ6QTsNv6gZcBTB255sZ3A4NYoozZTbi9aH95AgX9xIfw5R0j2YRRWkzS9gV4HOoDH2NwrDmaXC8...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRxZ6QTsNv6gZcBTB255sZ3A4NYoozZTbi9aH95AgX9xIfw5R0j2YRRWkzS9gV4HOoDH2NwrDmaXC8YgZm4p9kjVRZYWdhnMQ&google_hm=OUw8FIbKQUOxbFOJ3G...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRxZ6QTsNv6gZcBTB255sZ3A4NYoozZTbi9aH95AgX9xIfw5R0j2YRRWkzS9gV4HOoDH2NwrDmaXC8YgZm4p9kjVRZYWdhnMQ&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRxZ6QTsNv6gZcBTB255sZ3A4NYoozZTbi9aH95AgX9xIfw5R0j2YRRWkzS9gV4HOoDH2NwrDmaXC8YgZm4p9kjVRZYWdhnMQ&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4BD3 43 B
362 B 32ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ-nlrxhkuybiF4VaUoqoWT9HdzNR0IHKasXlb7mz5IpkRmVAERNdAM0mFvuJN5LFeUf6yUjkpwOlIIexKlmwRWtSxESc4l&google_gid=CAESEJ4iSSQoaJHHN0xavaiyTjc&google_cver=1

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 247186
expires: Thu, 18 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4BD3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmRR24mNH9vQirmxzX1ZhIYfJRB1QM3SYVQrqm5k9EWqBIhcbBvlStuBZxYcV2HIWI-vmU0kWPhO...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmRR24mNH9vQirmxzX1ZhIYfJRB1QM3SYVQrqm5k9EWqBIhcbBvlStuBZxYcV2HIWI-vmU0kWP...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmRR24mNH9vQirmxzX1ZhIYfJRB1QM3SYVQrqm5k9EWqBIhcbBvlStuBZxYcV2HIWI-vmU0kWPhOHdtgRJ2QZsXDjo1VFMjl

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmRR24mNH9vQirmxzX1ZhIYfJRB1QM3SYVQrqm5k9EWqBIhcbBvlStuBZxYcV2HIWI-vmU0kWPhOHdtgRJ2QZsXDjo1VFMjl
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 4BD3 0
235 B 33ms
28ms Image
text/plain 2600:9000:224a:3600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOSHm8XpEjK9VlPkJSEYpTU&google_cver=1&google_push=AXcoOmSAqrEACh8cbu2CkvX1OwnHLFi9-ra_H1IfeEV2ddqrbMVCqWoTkIV413R-VcE0HqL0VRq0G3Ln2oHNDN64-7XXRSAIsJOKHA
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, must-revalidate
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: qx6JFL3D9O4SYCdE8E1RapY3VSy10NUDfT671cy0XzEOQ-kmzyiHZA==
x-cache: Hit from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4BD3
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.targeting.unrulymedia.com/csync/RX-b602f861-db43-4b8f-ab75-6be300187185-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSUeX1H4Y_tJD2-katop...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUeX1H4Y_tJD2-katopFIt-YUEMxP_oebFksT2I3yCGQJ3jaYN5uFthim2EWlcHbMSpMHDz4JbPJ0utFI-XFR2NZJmhxHy2A&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUeX1H4Y_tJD2-katopFIt-YUEMxP_oebFksT2I3yCGQJ3jaYN5uFthim2EWlcHbMSpMHDz4JbPJ0utFI-XFR2NZJmhxHy2A&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSUeX1H4Y_tJD2-katopFIt-YUEMxP_oebFksT2I3yCGQJ3jaYN5uFthim2EWlcHbMSpMHDz4JbPJ0utFI-XFR2NZJmhxHy2A&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU
date: Thu, 18 Jan 2024 21:25:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb602f861db434b8fab756be300187185003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame 4BD3
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDClDqMGQj27EjQUuG4aV7E&google_cver=1&google_push=AXcoOmTIfMjQBTHSJu_h4VSFbenxFnwZouNzAdpFOfro6VyDiTDBXqqLk2XGhQCIz9ecSDf2oOdqXcCyfw3...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTIfMjQBTHSJu_h4VSFbenxFnwZouNzAdpFOfro6VyDiTDBXqqLk2XGhQCIz9ecSDf2oOdqXcCyfw3aIIw86XnF7Of2rJ-ALMI
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

22ms
22ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4BD3 0
12 B 33ms
32ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JItj7kc_5MwitbFyqPJnxODc2Dmmg2GwcWrz6MopcPmDOdU3-LCr4a-xc4sUUE2X9Wyl8qgg

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0781
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFj4FlBtx1fMzOpc2BjyNWA&google_cver=1&google_push=AXcoOmTo4H69pI6jdgQ8KYHCWG3yxZPJW5KASwV9aEa0c3z7PS7sJudbCET-QqXRh8ZMdsFV3LdkH-OzcKn-JyxJEkCqizn2Wq9MMA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ3NjE5NDU5NjU5NzAzNzU0MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbNVRoPiJq9ZqSRkUndQ4E&google_cver=1

43 B
398 B

27ms
26ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbNVRoPiJq9ZqSRkUndQ4E&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbNVRoPiJq9ZqSRkUndQ4E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 0781 43 B
146 B 125ms
22ms Image
image/gif 18.192.16.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECgdelg0osKCI5BOYwbf0_Y&google_cver=1&google_push=AXcoOmQAWNqhxx3mi4wXAD3yoHyE9bSw0QeA3X6Nk-6ajg4az1IOowYHxHpf_UM6K1foDHvYhLBMlLmVOcO_XgW5MmGmtz620M2fYQ
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.16.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-16-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0781
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECWT-EZbh5wPFGQbKP0VhDw&google_cver=1&google_push=AXcoOmQJTqkY2N2zrzDFotNfja9ctjwhuIn-uMFfBQN5eZKsup998TDC2sFr85dWmF4xQasbSJZHRIJ2kBmpfu-pvlaMkk-...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJTqkY2N2zrzDFotNfja9ctjwhuIn-uMFfBQN5eZKsup998TDC2sFr85dWmF4xQasbSJZHRIJ2kBmpfu-pvlaMkk-lIT-RkA&google_hm=eS1tREVzSF90RTJwSGJV...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJTqkY2N2zrzDFotNfja9ctjwhuIn-uMFfBQN5eZKsup998TDC2sFr85dWmF4xQasbSJZHRIJ2kBmpfu-pvlaMkk-lIT-RkA&google_hm=eS1tREVzSF90RTJwSGJVSDRrZEp4dHdMT2JaUjYzeXdFSX5B

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Jan 2024 21:25:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQJTqkY2N2zrzDFotNfja9ctjwhuIn-uMFfBQN5eZKsup998TDC2sFr85dWmF4xQasbSJZHRIJ2kBmpfu-pvlaMkk-lIT-RkA&google_hm=eS1tREVzSF90RTJwSGJVSDRrZEp4dHdMT2JaUjYzeXdFSX5B
content-length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame 0781 43 B
58 B 32ms
29ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHNUSGq_UZhD0j96QJLbP3s&google_cver=1&google_push=AXcoOmQ8gpoujEjvrITWGijjK64Aa_ItlaTrGGog4DabI7LQaEN3QYHD5bT6vASXwXE_9l9Jul-eN2Z4fUmZxrlY6tpHzMh5EiyR
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0781
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-SGE3-_nj4hViS3NvAMNk&google_cver=1&google_push=AXcoOmT4jPsrcD0wI0ibJfLtEIZCbYpRyLst-KWvLon7OxZI1y1Ayq0Q-6kXQJVHw0og-C-rf0YXtoiR1l5Me-kdg...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-SGE3-_nj4hViS3NvAMNk&google_cver=1&google_push=AXcoOmT4jPsrcD0wI0ibJfLtEIZCbYpRyLst-KWvLon7OxZI1y1Ayq0Q-6kXQJVHw0og-C-rf0YXtoiR1l5Me-kdg...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT4jPsrcD0wI0ibJfLtEIZCbYpRyLst-KWvLon7OxZI1y1Ayq0Q-6kXQJVHw0og-C-rf0YXtoiR1l5Me-kdgawzAtoZaLWlBw&google_hm=IA5FAGZHC1Scwzr8SSeS...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT4jPsrcD0wI0ibJfLtEIZCbYpRyLst-KWvLon7OxZI1y1Ayq0Q-6kXQJVHw0og-C-rf0YXtoiR1l5Me-kdgawzAtoZaLWlBw&google_hm=IA5FAGZHC1Scwzr8SSeSqMQm

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT4jPsrcD0wI0ibJfLtEIZCbYpRyLst-KWvLon7OxZI1y1Ayq0Q-6kXQJVHw0og-C-rf0YXtoiR1l5Me-kdgawzAtoZaLWlBw&google_hm=IA5FAGZHC1Scwzr8SSeSqMQm
access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:24 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0781
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDClDqMGQj27EjQUuG4aV7E&google_cver=1&google_push=AXcoOmQRsRiQ8sbQuFylqHZ7my_t5YqNtr-3ThbbHFkAszPj-P3PaI1kGbZt65QpwvBRyCEIL0AUAxMtcycZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQRsRiQ8sbQuFylqHZ7my_t5YqNtr-3ThbbHFkAszPj-P3PaI1kGbZt65QpwvBRyCEIL0AUAxMtcycZoEYJzIZCvC1IGdyY5g

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQRsRiQ8sbQuFylqHZ7my_t5YqNtr-3ThbbHFkAszPj-P3PaI1kGbZt65QpwvBRyCEIL0AUAxMtcycZoEYJzIZCvC1IGdyY5g

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQRsRiQ8sbQuFylqHZ7my_t5YqNtr-3ThbbHFkAszPj-P3PaI1kGbZt65QpwvBRyCEIL0AUAxMtcycZoEYJzIZCvC1IGdyY5g
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0781
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.targeting.unrulymedia.com/csync/RX-b602f861-db43-4b8f-ab75-6be300187185-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQJXaVGmAo4PMJvbaCa6...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQJXaVGmAo4PMJvbaCa6Le4-RVt_0JQ0wETHYfJo-0fOBVEnH-oYp_UybzogGz_lD8_vhaEDTkVqEE5SvFp3InJXlW7xInpAg&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQJXaVGmAo4PMJvbaCa6Le4-RVt_0JQ0wETHYfJo-0fOBVEnH-oYp_UybzogGz_lD8_vhaEDTkVqEE5SvFp3InJXlW7xInpAg&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQJXaVGmAo4PMJvbaCa6Le4-RVt_0JQ0wETHYfJo-0fOBVEnH-oYp_UybzogGz_lD8_vhaEDTkVqEE5SvFp3InJXlW7xInpAg&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU
date: Thu, 18 Jan 2024 21:25:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb602f861db434b8fab756be300187185003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0781 0
12 B 32ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKrhpm3W64pvaE7-rOCoShHJ2_zKzyrjy7MKEI_QA-xzAlrRxLY37IcN1NZv3DsSyzoakn

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5CE1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFj4FlBtx1fMzOpc2BjyNWA&google_cver=1&google_push=AXcoOmQsuNXC_m7yCyNo8z-ufMk3iEBt5Or2DcJPYcl3XDq7tJVfXOkuh3-2aiKY7VXbQpFNXX4faKLSm5dRQ8QgZWx7BawVaSSp
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU0ODI1MjE5MDYzNDk2NTQ3Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbNVRoPiJq9ZqSRkUndQ4E&google_cver=1

43 B
398 B

27ms
26ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbNVRoPiJq9ZqSRkUndQ4E&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEbNVRoPiJq9ZqSRkUndQ4E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5CE1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_push=AXcoOmQ5Q5a6oIRsz1rtYoxcZf5IvVo9iYWp0Wt7k9ztntQ86VX4E07EAy...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_push=AXcoOmQ5Q5a6oIRsz1rtYoxcZf5IvVo9iYWp0Wt7k9ztntQ86VX4E07EAy_Dh_GkSJ2ARooTeyzY9yNrStYN2qbx4qoTEliZCKk

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220028-FRA
pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1705613124.788135,VS0,VE98
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEButh8ad-OB3_ot5f5TPI2Y&google_push=AXcoOmQ5Q5a6oIRsz1rtYoxcZf5IvVo9iYWp0Wt7k9ztntQ86VX4E07EAy_Dh_GkSJ2ARooTeyzY9yNrStYN2qbx4qoTEliZCKk
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5CE1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEM7lxsAL1oSQsAxMklFmW9U&google_cver=1&google_push=AXcoOmTpIiOvm0G66qZjcgtgE045-YZo_jWMQtsIG3ifG0vZtJCBc1a5gyvofm_aSNnOKDnVdRyHsvBBdEYE2MW3R_NK1sUpQYg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F20DEAF8D8DC4AA0B83A8CC34A47602A&google_push=AXcoOmTpIiOvm0G66qZjcgtgE045-YZo_jWMQtsIG3ifG0vZtJCBc1a5gyvofm_aSNnOKDnVdRyHsvBBdEYE2MW...

170 B
188 B

40ms
39ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F20DEAF8D8DC4AA0B83A8CC34A47602A&google_push=AXcoOmTpIiOvm0G66qZjcgtgE045-YZo_jWMQtsIG3ifG0vZtJCBc1a5gyvofm_aSNnOKDnVdRyHsvBBdEYE2MW3R_NK1sUpQYg

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Jan 2024 21:25:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F20DEAF8D8DC4AA0B83A8CC34A47602A&google_push=AXcoOmTpIiOvm0G66qZjcgtgE045-YZo_jWMQtsIG3ifG0vZtJCBc1a5gyvofm_aSNnOKDnVdRyHsvBBdEYE2MW3R_NK1sUpQYg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 17 Jan 2024 21:25:23 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5CE1 43 B
362 B 30ms
29ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR-V6zelc3aDPWbWRs3O2JPiH2xMsGZ-7yBGgFLXbli_2FvCxMmB3enRC9r_A8cljo3OpYMJpQ_SCSEiCsadRvaYQFy05yl&google_gid=CAESEJ4iSSQoaJHHN0xavaiyTjc&google_cver=1

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 242989
expires: Thu, 18 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5CE1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPzJkiyolE_JIPXf5phvlLw&google_cver=1&google_push=AXcoOmSHbM5MuWviLddUHE-P1RW_VzMXfqrru1su9OsxKkm0M9XVnoJPLAemiqL6xHB-fuSP07lWvGpt...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmSHbM5MuWviLddUHE-P1RW_VzMXfqrru1su9OsxKkm0M9XVnoJPLAemiqL6xHB-fuSP07lWvG...

170 B
188 B

62ms
62ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmSHbM5MuWviLddUHE-P1RW_VzMXfqrru1su9OsxKkm0M9XVnoJPLAemiqL6xHB-fuSP07lWvGptP9fI8e2bmflWlx2w9QTh

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmSHbM5MuWviLddUHE-P1RW_VzMXfqrru1su9OsxKkm0M9XVnoJPLAemiqL6xHB-fuSP07lWvGptP9fI8e2bmflWlx2w9QTh
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5CE1 0
41 B 114ms
32ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELOSMBEJuYs6Vw3yvfVxNlw&google_cver=1&google_push=AXcoOmTvSbjJTEKxuvjTInFBovt4FPH125h5Gsf5UjiqjPEIgT1JVakgO1Vd6GUQsec3CP9vUw8IDZvtW2PpktiQ3mGfQt14dCA
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 18 Jan 2024 21:25:23 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5CE1
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-SGE3-_nj4hViS3NvAMNk&google_cver=1&google_push=AXcoOmT6CV70191ALG9joir_JMo7yWWaaZOGSlGrluIQG2m8BrF0EmM4PW9eFIq0tfroC3hCxaZ2N2EvXZvJ9Q1aM...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-SGE3-_nj4hViS3NvAMNk&google_cver=1&google_push=AXcoOmT6CV70191ALG9joir_JMo7yWWaaZOGSlGrluIQG2m8BrF0EmM4PW9eFIq0tfroC3hCxaZ2N2EvXZvJ9Q1aM...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT6CV70191ALG9joir_JMo7yWWaaZOGSlGrluIQG2m8BrF0EmM4PW9eFIq0tfroC3hCxaZ2N2EvXZvJ9Q1aMoFUg0dS8z2w&google_hm=IA5FAGZHC1Scwzr8SSeSqMQm

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT6CV70191ALG9joir_JMo7yWWaaZOGSlGrluIQG2m8BrF0EmM4PW9eFIq0tfroC3hCxaZ2N2EvXZvJ9Q1aMoFUg0dS8z2w&google_hm=IA5FAGZHC1Scwzr8SSeSqMQm

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT6CV70191ALG9joir_JMo7yWWaaZOGSlGrluIQG2m8BrF0EmM4PW9eFIq0tfroC3hCxaZ2N2EvXZvJ9Q1aMoFUg0dS8z2w&google_hm=IA5FAGZHC1Scwzr8SSeSqMQm
access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:24 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5CE1 0
12 B 31ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQGYhIn5hVyc9I0G0COojxabIL71xr5wsklYTtwro97svWfC3n8VTrVxbJ7HwCac8srXdH

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame A3C6 2 KB
1 KB 31ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64508
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e907ae3130d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIVSJsX7PcbreIkCd2hRIa9PP14Q8bbAymKAcjun2R%2BUJHdAW9motNB7iEZfNuRWCfB63O898m1ENfJwr%2Bj5voP9xKgFMPJTDnQpfSZJ%2FaqcrHEMTe4n7jY7d6LWpyK7e5l%2BlJc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6563
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0lj&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0l...

43 B
414 B

223ms
223ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0lj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0lj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8479e908f9afbb9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 150
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0lj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSZN6dPSOEeNqcOjCjFJPtRtFTnz67JKUUIi9n2iGJEbbSBy3tUrZ7RhijTUngu-qZlLOYW3kYZLQ_u8qX4aKEvTYMMj0lj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8479e907d851bb9d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6563
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEERuGjBsDvuRcJkVPRqLHjQ&google_cver=1&google_push=AXcoOmRe8KgeuA200K6ctjYNiFeHyQa4MRagFS130MQneLwRLkK82ADcdE7Xv16mSDTpel1I0M8goILnEGE...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRe8KgeuA200K6ctjYNiFeHyQa4MRagFS130MQneLwRLkK82ADcdE7Xv16mSDTpel1I0M8goILnEGE20XfwfQv43r5rUfo&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

170 B
188 B

62ms
62ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRe8KgeuA200K6ctjYNiFeHyQa4MRagFS130MQneLwRLkK82ADcdE7Xv16mSDTpel1I0M8goILnEGE20XfwfQv43r5rUfo&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRe8KgeuA200K6ctjYNiFeHyQa4MRagFS130MQneLwRLkK82ADcdE7Xv16mSDTpel1I0M8goILnEGE20XfwfQv43r5rUfo&google_hm=OUw8FIbKQUOxbFOJ3GigvoQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 6563 43 B
58 B 30ms
29ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHNUSGq_UZhD0j96QJLbP3s&google_cver=1&google_push=AXcoOmQp8MbhvzzAjiu13n1VZuTj5lokErszaLMnlkSIkWXuzoui-lPnQA7gWHu0-rNaGZENvrto3NyvbNbudU9s61uMX_dq0lJH
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6563
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmQCLScv1x8zsKHga19Go2ct9mb8qQNP9...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmQCLScv1x8zsKHga19Go2ct9mb8qQNP9ZCdeT8qB2dj-ijoC2CtUWFeFE8tb7cNJ_R9njQymhn0pK2j_nXQqJ0JV9naPw8

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8m1jexWiwT%2BYqMu1b%2Bcq01F97dQpgNSLyfgyDHD%2BN4J8R%2FL2aXR1vSvXogwte0NV23gXY7PiY4smuVUJz4xKRAXoKiKr1dHRnSMOX4%2FEHrRHIBTHCDFunnmN0onAI5pLQUVAmqwbJ7g0yA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPX68Qkpa5P05eF1nvVmwFU&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmQCLScv1x8zsKHga19Go2ct9mb8qQNP9ZCdeT8qB2dj-ijoC2CtUWFeFE8tb7cNJ_R9njQymhn0pK2j_nXQqJ0JV9naPw8
cache-control: no-cache
cf-ray: 8479e907ec345019-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6563
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED2DOWHjVfeI3pmI13jmFC8&google_cver=1&google_push=AXcoOmRnYoqqgQCGh1POR_WDdqiHJ7JK5HgGayIG3CNliX4Lp8Y2Zxs3FqMhhCxFqU0fM52D_uCj9Y-s-JgIfsipfzm1PTrvnlu4
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmRnYoqqgQCGh1POR_WDdqiHJ7JK5HgGayIG3CNliX4Lp8Y2Zxs3...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmRnYoqqgQCGh1POR_WDdqiHJ7JK5HgGayIG3CNliX4Lp8Y2Zxs3FqMhhCxFqU0fM52D_uCj9Y-s-JgIfsipfzm1PTrvnlu4

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmRnYoqqgQCGh1POR_WDdqiHJ7JK5HgGayIG3CNliX4Lp8Y2Zxs3FqMhhCxFqU0fM52D_uCj9Y-s-JgIfsipfzm1PTrvnlu4
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 6563 0
45 B 575ms
26ms Image
text/plain 89.149.192.197
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGmn7yZ059pCZ-w8VfYmxSo&google_cver=1&google_push=AXcoOmRw3dzxsw_mIwTFA9FaWPvMt0Mr-8WlQTVTDedpM8hz_7LiNJm0mQihejTGXQVMSx6_BiXcrq8PoQGNZGKjPg4kVSt9KMCa
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.197 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-length: 0

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 6563 43 B
145 B 83ms
23ms Image
image/gif 18.192.16.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEO6Q0zT1Y7Qq7h_vEsT7ySY&google_cver=1&google_push=AXcoOmRyBRHl0ARev2cAq5y0NKg4sZ3wdTqpkFwOSm1PJ11bV9lwfyjjqRtNxwA9d-YFNPBIfFRaNYylwZOVCf7gJxcwEXkJqjgK7w
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.16.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-16-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6563 0
12 B 31ms
31ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUAGC_-f4KjvvdPD9vdKf6goOv08qimWZFtKJiIWAzo_99bRCK09MTHiprVOvBJUQtrMcvGA

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 31B4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35f50e3bc213d7b1619bdee53fb7370ba3082030bfe0cbeebf1ff8ffe39260ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 87BE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9782305ac1ac2c9e43f214662ce6690d3faab48560614ee888e6caed88cc913

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 87EA 115 KB
14 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jcc5hcpqznnv7mjsj4mx01wzdn22jes4x30x28ddwtrvrjhaxadamy9c3n4pxnx4yfyw9f05q6n65xzmjqveyrckfcbyrzd5xnwp6fehd6127cyzqbx4m7rspmxctgnx0x2phzmvwcqq7qqj35kv21d602fm8t7h6hd1xmjq0bzm2bejhnrpp4rtyxes123grtfktnaybnfwtm5681vbek44wck9ykb618jd4y4dp14ctzx68pgf677bmde26p7shdnxandbcpzaw1hsz90p1jtykkt4cjqp6cm5vgj9fecmf15kmhfnm0t22g9g1e3p4jd9msk53xcch7rwm93p7ejqqa2jbhan3h6p8w8rsvb3swh0f9bg8xwv7q3gey65q6tn03btedyv0zreye6cqcfnmsp0et1f4k07rsw2a21gncqtd3zaj205mhaqshvvd7xedfd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%26num%3D1%26sig%3DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jcc5hcpqznnv7mjsj4mx01wzdn22jes4x30x28ddwtrvrjhaxadamy9c3n4pxnx4yfyw9f05q6n65xzmjqveyrckfcbyrzd5xnwp6fehd6127cyzqbx4m7rspmxctgnx0x2phzmvwcqq7qqj35kv21d602fm8t7h6hd1xmjq0bzm2bejhnrpp4rtyxes123grtfktnaybnfwtm5681vbek44wck9ykb618jd4y4dp14ctzx68pgf677bmde26p7shdnxandbcpzaw1hsz90p1jtykkt4cjqp6cm5vgj9fecmf15kmhfnm0t22g9g1e3p4jd9msk53xcch7rwm93p7ejqqa2jbhan3h6p8w8rsvb3swh0f9bg8xwv7q3gey65q6tn03btedyv0zreye6cqcfnmsp0et1f4k07rsw2a21gncqtd3zaj205mhaqshvvd7xedfd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%26num%3D1%26sig%3DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500447
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=424AgjTTLuhdq6%2FVyXzC8fPwyIm8kHnzD4P9BdjlBzG3HKWEktBowljsHowjWBgIO9dEntGFzglk0dYRPcLSWIWfsmbQ7ps4YGAmkqXYUAT1JzA90TCRaO4mE3QnqXViq%2BVnF1h1sTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e907fe7230d8-FRA
expires: Fri, 19 Jan 2024 21:25:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 87EA 24 KB
10 KB 33ms
33ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jcc5hcpqznnv7mjsj4mx01wzdn22jes4x30x28ddwtrvrjhaxadamy9c3n4pxnx4yfyw9f05q6n65xzmjqveyrckfcbyrzd5xnwp6fehd6127cyzqbx4m7rspmxctgnx0x2phzmvwcqq7qqj35kv21d602fm8t7h6hd1xmjq0bzm2bejhnrpp4rtyxes123grtfktnaybnfwtm5681vbek44wck9ykb618jd4y4dp14ctzx68pgf677bmde26p7shdnxandbcpzaw1hsz90p1jtykkt4cjqp6cm5vgj9fecmf15kmhfnm0t22g9g1e3p4jd9msk53xcch7rwm93p7ejqqa2jbhan3h6p8w8rsvb3swh0f9bg8xwv7q3gey65q6tn03btedyv0zreye6cqcfnmsp0et1f4k07rsw2a21gncqtd3zaj205mhaqshvvd7xedfd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%26num%3D1%26sig%3DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227066
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BN%2FEfG3w1h9EkUGlVeRIbiONo%2BeF%2FrxOnzRC7oX8LK65Fi7fyuRoLMWKi0uFk3cg3K37uFJWRBmpqVv0JU6JaBoziUWmg1K1OTGFWDZTZ3gcJyIISApSeCdJwuvfCVXSlFeZ%2FZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e907fe7330d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 1F26 0
103 B 46ms
44ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIw4FbUSyExvLOkzCEizCvw&google_cver=1&google_push=AXcoOmSnRlN9RulAkt1Ukwf-8QRuH9WTQ_ylU0B79d8MBd3ANY-4il2LhMSk1A-hag13pELJuQQ_ONt3OVuNLzTAos6KvSqcZA
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 1F26
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnluVTVvQ1AxUnF6VDU1&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTiWfb6HdOGOvneS4D6GNw0VVAzDQwFdULpajcINtV...

0
0

GET i.match
a.tribalfusion.com/ Frame 1F26 0
0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1F26 0
166 B 49ms
31ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELOSMBEJuYs6Vw3yvfVxNlw&google_cver=1&google_push=AXcoOmT7XJLygDbzBmjO9kIFdW6jAMI77y6r_9UwpJbc7ZT9KDOZkp_WJwZ34HKRjVZ0ZX02dwVK1ilfU0rW9Cs3ZMfL_yaOXw
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 18 Jan 2024 21:25:23 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F26
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDClDqMGQj27EjQUuG4aV7E&google_cver=1&google_push=AXcoOmRm6QFLHZb1X3Wli_OwkH2epsF-FHR3c_P_sPh6ItPeFD0K0ykFFe4yEub3HJFO-kY3xO1RLps8hm6a...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRm6QFLHZb1X3Wli_OwkH2epsF-FHR3c_P_sPh6ItPeFD0K0ykFFe4yEub3HJFO-kY3xO1RLps8hm6awn7tK9LYRk3Exg

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRm6QFLHZb1X3Wli_OwkH2epsF-FHR3c_P_sPh6ItPeFD0K0ykFFe4yEub3HJFO-kY3xO1RLps8hm6awn7tK9LYRk3Exg

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRm6QFLHZb1X3Wli_OwkH2epsF-FHR3c_P_sPh6ItPeFD0K0ykFFe4yEub3HJFO-kY3xO1RLps8hm6awn7tK9LYRk3Exg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F26
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.targeting.unrulymedia.com/csync/RX-b602f861-db43-4b8f-ab75-6be300187185-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSV8ejLA9e5WmzilJLNT...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSV8ejLA9e5WmzilJLNT0iJgPkeRI3dLUlkbeRJWHsGOp3mtKIMabDxo3PZ8c9vukvF0Ss6MPEgPwnIvAa63XshALhMXMU&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSV8ejLA9e5WmzilJLNT0iJgPkeRI3dLUlkbeRJWHsGOp3mtKIMabDxo3PZ8c9vukvF0Ss6MPEgPwnIvAa63XshALhMXMU&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSV8ejLA9e5WmzilJLNT0iJgPkeRI3dLUlkbeRJWHsGOp3mtKIMabDxo3PZ8c9vukvF0Ss6MPEgPwnIvAa63XshALhMXMU&google_hm=A7YC-GHbQ0uPq3Vr4wAYcYU
date: Thu, 18 Jan 2024 21:25:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb602f861db434b8fab756be300187185003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F26
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED2DOWHjVfeI3pmI13jmFC8&google_cver=1&google_push=AXcoOmQMWxpFlL-ryv_n84iarS-BGnxo70C_oBQxHgvQcvpY_36EzDaFgBtmkwrr6ezpBYO0Bt9pPKfWr4wQbCcigyzFH7YbfA
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmQMWxpFlL-ryv_n84iarS-BGnxo70C_oBQxHgvQcvpY_36EzDaF...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmQMWxpFlL-ryv_n84iarS-BGnxo70C_oBQxHgvQcvpY_36EzDaFgBtmkwrr6ezpBYO0Bt9pPKfWr4wQbCcigyzFH7YbfA

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM4NzM2ODk5NTcwODgwMTI2MTE4Nw%3D%3D&google_push=AXcoOmQMWxpFlL-ryv_n84iarS-BGnxo70C_oBQxHgvQcvpY_36EzDaFgBtmkwrr6ezpBYO0Bt9pPKfWr4wQbCcigyzFH7YbfA
date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1F26 0
12 B 55ms
54ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlwlSWWqQ-THECCLKkJs-Bl9sOlV0tEGD2wfX8bB0LbVmPVW3JjyR6Q1n97_okKkGAaqsL

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A6B7 350 B
878 B 48ms
48ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5130370
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpPeYvoU7OC2wDbowZen35WrSJ4K%2BG0HIKDn0sUbGFPP%2BPd8u9LgcjllWo3jm3kSQZliOFrQ4MSVv0j%2BVZ8jLW6YTsr%2Ft2TfudmMypqr4z6bWLSTuiMPVVWnpC4PLqfwFXwAEtaIftkphH1SzCPRWIih"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e9082a2b3610-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2773 350 B
876 B 33ms
33ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5130370
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Npcoa5Oxykn6up8jCs1zTCWNVM2%2BPWzbW6skZ4JEeqG7qWfGnPOeGsXW5KamRVcJ8vK63F9Qf0q6bjQQLbuJZVHV0%2F8EDRzcKJi3CNJNDslqNeqrDIJebzFjbSJmwFA7f69TQ9z0MAvR48FmDIFNsrCH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e9082a2e3610-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
DATA 200
OK truncated
/ Frame 1959 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5165d0c249f0306e973f02db6a59d8d85df824dab702001bda8af66ba5a7bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D921 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1e0b042c6687b43b8b198a8df0cc2ac9b579a336577c152a992bef6d9c37f25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 i.match
a.tribalfusion.com/ Frame A904 43 B
593 B 179ms
178ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESELlRvn242vvGkZnxdXjzTew&google_cver=1&google_push=AXcoOmQIK7xdLDmA0LhJgJw-zGRfSR7XwM7ogjxIl6VJgDe9O_K6Nq4kRyaHus6HryrSDlkWUUB2FzOdQYcAH4BeJh1cgFrDR62M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQIK7xdLDmA0LhJgJw-zGRfSR7XwM7ogjxIl6VJgDe9O_K6Nq4kRyaHus6HryrSDlkWUUB2FzOdQYcAH4BeJh1cgFrDR62M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8479e90849779170-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A904
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIBe2-tSFeKCqoL_S8mjwrQ&google_cver=1&google_push=AXcoOmS9qiEJPWkrQDZv69DpqRTLykr3t4Zkjd6JHvSycsdpWF0A_EARzqaUVTQksPJEaKyR0_LidCN48u_g48...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmS9qiEJPWkrQDZv69DpqRTLykr3t4Zkjd6JHvSycsdpWF0A_EARzqaUVTQksPJEaKyR0_LidCN48u_g48hqAz...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmS9qiEJPWkrQDZv69DpqRTLykr3t4Zkjd6JHvSycsdpWF0A_EARzqaUVTQksPJEaKyR0_LidCN48u_g48hqAzmh16QjFWc

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNTU1MjU4MjkyMjUzMzAwOQ%3D%3D&google_push=AXcoOmS9qiEJPWkrQDZv69DpqRTLykr3t4Zkjd6JHvSycsdpWF0A_EARzqaUVTQksPJEaKyR0_LidCN48u_g48hqAzmh16QjFWc
Date: Thu, 18 Jan 2024 21:25:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame A904 43 B
145 B 23ms
22ms Image
image/gif 18.192.16.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHOjgxEXo-kxqPYdEIeLGO4&google_cver=1&google_push=AXcoOmTfsZJ08r1rDYgcC6aTemsArxZydeWaHfZgdhdUyWPx4tKfvXx59J_5Kr50AvJc1jBQJ41fuPlK3YXrNrioQ4HqT4A_-4FR
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.16.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-16-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A904
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGEAYCKuAV3s0r_BIGsldL0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGEAYCKuAV3s0r_BIGsldL0&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmQxRuWeNBt-uesL9XhX4Wlr6ZvNcJGiX...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGEAYCKuAV3s0r_BIGsldL0&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmQxRuWeNBt-uesL9XhX4Wlr6ZvNcJGiXFEB1prshW0iXt_HnRLXUE0OSAS-6qX-7DwF7iwl2aeww7lql9E4NxslfylOyef9

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRWNgoEZRpaypnmsxUSmd9jWsU2%2FysqSQvkA5Rkb%2F0P9yuuwgWrq6Ir4pS6tlLxaTKGBDbJZE9RdxthMdCYSFObS%2FN8e7mBEOwN1xezd3Vt7tb2tZJ5HyQ5JcgjEjIydMQYL7RKY4IZYSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGEAYCKuAV3s0r_BIGsldL0&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmQxRuWeNBt-uesL9XhX4Wlr6ZvNcJGiXFEB1prshW0iXt_HnRLXUE0OSAS-6qX-7DwF7iwl2aeww7lql9E4NxslfylOyef9
cache-control: no-cache
cf-ray: 8479e9085cc35019-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A904
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECu1xQ81CDkXo3cx1j4QrTM&google_cver=1&google_push=AXcoOmRUHkW9GpRAvRLeMvhAkimttajnaKl1N-R4EOnHVLbdw5JtwjBCVv1H1xts6I-5AqqUbKML7zAaz6GH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRUHkW9GpRAvRLeMvhAkimttajnaKl1N-R4EOnHVLbdw5JtwjBCVv1H1xts6I-5AqqUbKML7zAaz6GHtLFEPsJlai3_Nag6

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRUHkW9GpRAvRLeMvhAkimttajnaKl1N-R4EOnHVLbdw5JtwjBCVv1H1xts6I-5AqqUbKML7zAaz6GHtLFEPsJlai3_Nag6

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRUHkW9GpRAvRLeMvhAkimttajnaKl1N-R4EOnHVLbdw5JtwjBCVv1H1xts6I-5AqqUbKML7zAaz6GHtLFEPsJlai3_Nag6
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ebda
match.360yield.com/match/ Frame A904 43 B
198 B 43ms
42ms Image
image/gif 34.249.157.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEIAckYOJd9i4L8L3UfPT6tw&google_cver=1&google_push=AXcoOmRft9P_0TlOQehVck1TrCTOjgOIGTmzCVBkhkLoLZNu3rMnYsv5G3o_9eBKgtsJyUZgmlak-EejO86uEyhpyrqmjCdPxyEm
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.157.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-157-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame A904 0
44 B 508ms
26ms Image
text/plain 89.149.192.197
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMBsTioGCjuuuSqOSRcqdRk&google_cver=1&google_push=AXcoOmQX9p0oE_um_PaTa5Drv4CAeR-CSXNAHHPpmaZpaWMRsBp7dnOSqAabKtMPj0tNmBPL5WqSAmivbwZ30ldl0vAIXB-WEVna
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.197 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A904 0
12 B 32ms
32ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGdza37fPdQ_qPhQyHdxKoQV7hhYM9QHtOZ2A01IeI3RBN3K3NgFBKJtCsXPlb_sJkinup

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 8C20 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0549bbfafcffd0f0fd35559311be2a9729ad73e67c8fdb675522d37feac404f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B111 0
0 58ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNlDBQpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgQJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX79Bk4LUtOAZ4Am8eruk2b5P4wYTWI2UE2PrL4bzWoZWMslCTuUbzeAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MDgAoD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcBshcdChsSFHB1Yi04NzM3NzkzMzg5NjcxNTM1GKCoiwE&sigh=akYb39MNNRg&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame B111 0
11 B 33ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hqxhwcmra4rt5rhzfjcf5a1wrfw0dk7x5kb28hyndqtpdg6xseyywsb0ajk4yd1w8c6yascr3xvgek4avy3481xxg2cmwp21xkdyecgeny1bdsvxa1wqs3rkk7wkbp8e4x58r7shz2xyk5w9m8181f18tcr8jdvpwkbydjgbveqpbxgfjtcx2rgewhfkc1bjv2cffx1rpeygzfamw4xpcea2x6mxa5qhpnh0fpqn891r52bdcd6thj74a53qmrd22vty3gx07thcefwfwf0c5k8p5rpwvgteya0px70zmfkakkc2tr1km0gn7wf5vn9t0y961vzbe2s7m1b92zja8nx8b02k56h24a1ryt5rmts85jygg1576cfmcaarda5z2en5wmszsfarhr&b=ZamXQgAKTuIH_ZzQAAqLmBYKmyTYgzVtf8xhUg&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EBBD 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CI3WLQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e8H1tZ9xqc2Q07KHvee4xw3D5sBs1mvPBx9CvIdLHEt0FKTOyXeg4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwOACgP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=J3Uncrs6jZQ&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame EBBD 0
11 B 32ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kvfkty3sfebgr9qsvd785pgfxewvkm1qb6zq4z04n79751wr72vnbyy6w3095g8y2swt1jcy0hx5f7p8xda9sc5s5qvwj6s12y7qg0t8qhftjh3mt1ac658k5vxgt4gbn4w18qnsh6aqq78re5tef8x0ydz8fnfaz4j8c3h1b0xhtt8n1ebg7ksapb0ac8q3svzc8wt8vvjehxs8gd0k2030fp5ej646fkhqz8red48wk67n3z68tf05aw4dja24v9n17eba0yazgrgsg93tv13xgthd4k9jvxvfprxyy60th9932hc3v163688tr5sktx556rx5cny4x68p404tnwt53fxdqvn86hbkma0jzsfhkre9kvtmwmnds356k3x7npkrwgpcd8964g&b=ZamXQgAKTuEH_ZzQAAqLmNx1l1joEfSul2m-CQ&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET adview
securepubads.g.doubleclick.net/pagead/ Frame D921 0
0

GET winResponse
prod-rtb.ad4mat.net/ Frame D921 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame D921 0
0

GET
H2 200 container.html Show response
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8954 6 KB
3 KB 103ms
103ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forexone.alghtas.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:21 GMT
expires: Fri, 17 Jan 2025 21:25:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 5466 2 KB
1 KB 32ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64508
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e908ef6430d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuRHU2%2BM%2FCiOaNavkYRNZTN2%2BDe2iAqKXKJRuVM1wV5cTr9WJHjh3delQXcx5TD7mfWIU53GesfSdwqTeqSHvMfCbV3XzBn6LoYbFAv9zljSQ%2Blffw9AOut%2BrQLksxOKV1c7FA8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 5191 2 KB
1 KB 31ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64508
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e908ef6530d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:23 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skXccGTrAkZIJQjs6cJLbU8A4PAFwUhs1OTgKJjMR5z%2Fh42H6jq%2Fou39hzBeRnNfhGZTt2%2B2vv%2FuIl3AEikLQk5l9XpuKdMBIAbolc4Nyy%2FFVrPAhJ7cF2gD3JStqvJ23tZwUIY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A25F 350 B
884 B 47ms
47ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5130371
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdFdV4LD56lz4eRG%2Bf%2F8pnsOsLoUD32XcLLcd%2FivcagTYnUUg0PS4FLI%2BHSAqPzmfUyydShRL1nxCtsnP%2Ff9WWqD04uJzZy9lmI%2FvwD2hedKmhO8JyW6nDfKQpvn2%2FJEb8vDtFZ0Dy4xT8%2FQv%2FJbitwm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e908fad23610-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2FED 350 B
878 B 51ms
51ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5130371
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1qve0lMct%2FKJEgX9Ov90X3blBhJg%2F9OvSmcoVxreT09MJRfZw4U6133hHvyxvuvs0i%2FpVIm8SiXWJAQqEwLrG0BFOSWtKAJ0XzGLHsP7ir%2FnpSU3IOGrvali0Tsox8HepuUu55A%2BMLyMgs6UuZkF75Z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e908fad63610-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B9DD 350 B
881 B 47ms
47ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5130371
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdSNa7Ig%2BY0Lh8kloalkzTvTreKfK%2Bu8goQZ1lThZZLt338%2BTg5wCxJtOZWT%2FwF3OMq%2B3k3ntX%2B7X2n0Hb8Nvob8sDOmy668jg1PAQG%2BlC2bujNiGDLP8G4cWM867wUbdG87cd4UFQqpuh1HgRVuqaUW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e908fad83610-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C61A 350 B
876 B 49ms
49ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5130371
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmfq9cIMsV%2FyDbRNPuHMCzoJ774QRDVuaKYGU6q63zjLCrWVbLIM9udMJcmekjm6jjbls9NFh63327JFKeiDy9ZNxj7vjBGktndLlT8WJLn%2BusvJip5df1qA643bTZWcRmXA05vewc%2BA9NkPE14xPOhM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e908fadb3610-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 2A7C 2 KB
1 KB 32ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64509
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e9090f8030d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OABWqU3DZut8%2FDBhrsr9o54wW9qXxSDkRWsF%2FII6t77qU1aTuep5n4a3LBCgXKVrM7z4oocpkTVTC6R24wRfcbGPD5ZjyfFXBTDpNgTUY9wAxF5RE7k3wKyLdYwYlnlcaPpdG3M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 2732 2 KB
1 KB 33ms
33ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64509
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e9090f8230d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWunu1BgcMpLPxCr1SB5E4dV6ANYd2Ppkq7DaUHr%2B072A%2FyHKEiPH27rnxzreSq2y49Kwjyl2w4jRqiydWD%2Fqj%2FDfGjUxgMLAhSrpMf65npMdq84r%2FNMEdNjLdGa2DLhSs9t7O0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 15EB 2 KB
1 KB 34ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64509
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e9090f8530d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fkojsyy1fPWmoSpFsaBBU2B4gSvrULyCs7y3NWiQo4zPNWUgnE28JrGXS7ig1mT4FG0OQ0M782ooFuyYU4IVVAcYUQsMcQI27sQY5MK%2F7mp%2FbEmCZgyTxT%2BXBf2JGVgr6RpZ34U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 1BAE 2 KB
1 KB 34ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64509
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e9090f8630d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0u1ZS0aDOJ57GC7gBtCTUWGf0XuAVG%2BdR7j8XRAhEgOG3whc%2F6vm4caeLoFt1NiUFxt4cO%2FX8XfZvUV07ylqa4g0bsb%2FGIy%2F8dYwWZxu0YL7iipnLQJiXPq9S8rT2DnVTopIzY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 87EA 350 B
879 B 47ms
47ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5130371
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qU8jwPHm0Kt3heUOcEoizp%2BH8MQHoKXiSLWI4nlNVLf1nH13HkvHAxQlritV4RaA1bki%2FtBE%2Btnq23Dr3KuueMz8VMsVNEiO95V%2BQo5a%2BnSHVxHZ8z4QhFnLcYF7o%2BoxpmotCNuvCpasvNlB7yKAj4DV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e9091b273610-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame EFBC 2 KB
1 KB 34ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64509
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e9091f8830d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnMG5UmW21dzz5s31yblktAzaqTrjrmQwiB91q9b0zQOJIQzMwzhVqgqJqp9UBGgsulMWGJKsmSEz4SvyWKULXx%2Fal7XoyQqRTyP4SJbKQfrUjs1ft4QSTmasFa0D3Q7sf5OBiQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 41ms
41ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e9091a299193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QC4203UYqJglYeBsqxU70L4Uqh%2BJYWAcrO4ubx%2FKgAopXCFV3CU6ElNYEryTUuqEe9ehx9NuhqTlSx0UB3zles1NVPZi9Mxs7RonJvB556yyn5up2DHOLZcMJ%2FtBeuN5Lgn4s%2Fo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

POST
H3 200 rs Show response
ad4m.at/ Frame 746D 1 KB
2 KB 45ms
44ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a5a879bb4f56f45ca19792d673c18b56560823ab43b5d1d779e287f740dd2e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x%2FBb8zotJKb1vdbLdxBlRkqYk%2FeBR6SuNpBIPUFenIGox2pnHx%2Bl5zm%2B%2FNydxg%2BrjUazz9d9N8xXgkDg8H9uXIZODhINPlvqlEI0qLt42S7ltF%2FT0a%2F5zRxukELSGWCGU6l%2B%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e9095a779193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
44ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e9092a4b9193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjcrvt7UuAqHAzhcLT%2BOrRdUt0uDgbb4zBdMHUN%2FVYU06n3cEIHLpvW6FNvDvhpjNswT9kTV3OlHSD4%2FBUU0UpARhtDIwZhOjU9%2FUQ7QgEkfEC%2F0eVuZ4dbZZeKp4WpHEV9QV7k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

POST
H3 200 rs Show response
ad4m.at/ Frame 2773 1 KB
2 KB 49ms
49ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e708b56e8195853ece5240160435d3e93af08262242af41d49e5ad80c728ec40

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULgB1C71SgGqcCEurP2Abq0Ja2f3ERTaWRaV%2FWA%2BhpJumF34g5j6Y1PB5LuKQn%2FoiAvSHearcOs9FyPcnRLXpTi5NGeZfkUEOBNde%2B6%2BCX6hWRr17kM8kghlvA%2F7ZvBOChHV38s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e9097aa29193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
44ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e9092a4c9193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSqAR97UewajMnXDilk0MfxjH90o0XZcS3Uaq36LuBu5eLgRoWVj8m9dlKGl3yndfSX8hnPwdfbc9x%2F6eKt0kHOhs0hJrId9XOfbVM7tLM0z0h3SnFgM9cqoqNr6OSs43NOUQjQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

POST
H3 200 rs Show response
ad4m.at/ Frame A6B7 1 KB
2 KB 55ms
55ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d0438995fd444c364e48bf9cc31a8183d65144af870e4f6930f15f215aca0c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEpmNUSxoLaNSCBNj08df4tDtKFOLbXPPkJeGRSYOaBjP8cFRImKfuF4mj2vKtRekB%2BWG026Qjm3hjDAgwyIf%2F03BKIeWPk3DULjQEQjze7BaP4UvXlAQKwOr%2FZiEtY1GAi%2FZsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e9097aa39193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EAA6 0
0 61ms
60ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiYaVQpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgQJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJRPvGH4fHymgwInzb8vQCAOaXc6PE8fk0vlmcVv2yP66_rr8gkA7OAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MDgAoD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcBshcdChsSFHB1Yi04NzM3NzkzMzg5NjcxNTM1GKCoiwE&sigh=tTt1KbpykkY&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame EAA6 0
11 B 32ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hzvw1xj0yj47aq2hvk4detpxcare9hpnvd9zy3mgvzymakbw1peba8sr3k3qk1v6srzbscvyq5fqvgdk9az9ecaa9et4hg5avtcmpcd8hdnabbz5c44f5c9mxkqcj6dgzq3rgc8fp6txb6xjreggb0ke58mw6gb7vqzwe6pp2sxh4czebv72g5qrt66n6tv517k2y7kn61qftqtga0qze42bpst2t7t251z6a53z9vcps6k5pcq8g5cssbpqt5ds1r5b5earkpe5jr39jqg2s9jpdv9epr159t34jjkncvp1b1jt0j6xbr1wvb1xce0jxt5znqqca9r1wgt39tse8pqtfj22zfxzp891m6qrvdmpn18q9pw962j1axnx530rjw4pnmk1katp4r&b=ZamXQgAKTuMH_ZzQAAqLmKxTPR5hsVHOGEI1tA&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 87BE 0
0 65ms
65ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJB_eQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgAJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq8ynyrWKhxwj7CdiFvMpuz9Xb4oPgnEHt3tTxKz9iewM3lXAXNMha4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwOACgP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=wajf9vem5-0&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 87BE 0
11 B 31ms
31ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hjnc46b1effzjvn1b06x4qj24zvkgq5wwnjszaxgxbwhz2959e68nz6e3mnppaepcpsn2kdtpqz0fm08wv6rj0wzzeydjj1w6wfga9bd5xk2mm3a951hgz6f6cjjdn83cp95rkjp2aa8b6nhrwbev9zq6n87cb8ezfbd2a269cr64jzgjaar9pw92fr3p2cnsemnk60evxgm6v2w7h09gj5kj61kc6xz0a2b65yzg4qnwksxz5rtk8dgdb87vja77a9pz63dn0ymqh4ssbdrg9jrst9c9v6s5jnmve1nsx39rz8cx2y0mqff3tege3ft1s4rm16yfwy74nevdb647wt4wh38dsf48f8z07hgy7m74gm5x7vbsmpv76gy956xb96q7m3h94ve7g&b=ZamXQgAKTuYH_ZzQAAqLmPZj2FTA9YnF35u3fw&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 31B4 0
0 62ms
62ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CT_8VQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgAJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JtQHdSbeI0lGQJLpzD9JnPi5_dIQvm3_Bl6oIWNQJgprOW9Wv3dF4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwOACgP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=pSJ84CTcUVk&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 31B4 0
11 B 33ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k5zy8x1hxjpvj34jt0rg8wsp9k39hcsm0csy66txpby7rhra6md8apk1cew4f86eg7dfj713vy5crp2vv70hvdchrtm21skfw3mfekasg18cbvrye053w4b4f3cxk2rdhmt9rpv4mkhjjfrnxs3dr8b1ckaepfbq5pp455rmjhwqscsq6pdwgypds4vjfr7eer7ttjw1sa6r033tf7ww9x153ythmjsegd1jqs000w3wm7kc44eeyes9fz3fd21pc1214snwegghy24chhcxrx7cznjge7xakkq87vdahr3w5ckx0w4bjwh3xzypzyfasfp60mjkcdp07mn0nsy8dcfv7b6dspekzqhqj0sv5cxcfw0j5cpp3mepva69w36h7jy19rpravg90r&b=ZamXQgAKTuUH_ZzQAAqLmIPDnwd--9CFTgfXPg&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1959 0
0 64ms
64ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ1zzQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgAJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RLkYclOs4dYoa_mHrxC5FoC082eBeMkckJQmFfJ7DyY892TfYMGT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwOACgP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=5eU7LeuqOC0&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 1959 0
11 B 32ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g8z9hse9de4jtgz5fsvtafbfde0y49zvdg30ndgtxf34cgdv0j764d8301f46zzet41jafk4d10spe5xnfa1x3aprqh7p0syrgrd8nf20fqqgvy2a422dgyhe76zyk2qsam0ztcz9mw025ghbrjk2j3n3j49vp16c6cy4e7dvensdmr2vd879t9f04yh0fd3t2d7cnxs1qyxm5f1t71zanye9srrzxrpjdbqwbv1a70vjwhv8ceb2s21mewd14phpzsk6bgqtvntv70mr3tv3aaa80yw7xbqbrn1f3tjn1tb22h4h7wq6mtchkbb6avdwcxrzb76pewbdfawpbemqqpw0xesv7xqj61rs2sh1t01m92ravxad4yzyr5gpqv7m35y0h3cv3tsg8&b=ZamXQgAKTucH_ZzQAAqLmE1OtpI3tthVSCMKgw&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8C20 0
0 64ms
64ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7bqLQ5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyGcEtwIJd8PLmlM1BR1caMW3kxpWo57IBZ3DKW3xCinz-noFHx384AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwOACgP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=EjiUkQLIkzM&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_sD3qTnSmOdZYSSQjaBAmPPNTLi4LXow2hkilhOpdggg-aw3MmH9_x9VLeASxH7ig6cx3i6V0GAE&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 8C20 0
11 B 33ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jr80emfybwbqc2hnz5bhajcnv8eph3am5mtxkf18xwjsrmsaj76t2x11mwr6bjka61ma6ke7rek8dzxfntj5b7z1g8bsyd1hp9j5ew0zxcd6k5gqadtctrh8e6w0zp17vbjf2gf2c333qs3ppm7ed98jnxvcpjxeg68pvhqv2vhmtwrbwc1qnjbjbe11685pv7573waz6vdvr74y1bna6p57f1dca3q6hn1xn61531gbv3qn6jfw75nyxaty6dz0v378jyc59nh6md64gss8v0ctrawhtc1ms4b43gv4p9g1hw5v4rxr5faj2wamqs7j7n115zt231p0568pmgchxrvscgb4ehgvzfqg37m03m4crfc48r39k46c8pxwkwb6t9tntxrfh8z878&b=ZamXQwAEzbMIu-MMAA4VdJWWinya8nR_H6xCDw&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame A25F 2 KB
2 KB 47ms
47ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9db74dade6c6ed3f40fccc1c9353e1f00eaf20f3868171730e7d1c9b92848cb

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esmZe0iQd9ijsSdh6%2B3YO%2Fn%2FNbj9A0v5DoSWa%2FTCZ322lJFmIDgWPg4v9WR0xIStWYjkpLSpmXxt9n9XpOtp3Qm9LFPy0IWPyshHc8Qr5P8%2BYhwRASB6wdyxl7YLowq3H793exQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e909baef9193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 42ms
41ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e9097a9d9193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtjMsyduTwhamTQPRCHqpo7tlKLRgwq9Qrch2QMSDW5osiEoVIZL2t%2Fjigr7r8wrPLYbpLvAViDhHmYFnNuXkZCxdDpvErVoShMBw0C7NmkptLy2ZUi1ESENx1%2FyFKYa2L5jk7g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 43ms
43ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e9097aa69193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82JRJ%2BNjje8dg9wqzP3qjkerpze7myUhUPwW0vc2H%2Bh5hbRuUsaRKkyMffxzKd%2FQUn5kkkvsaqCwNXP93JymDDH04%2FDxISUXglBFlhY4bLxRLCcUuid9%2Bo1GjY2Ji7PWcWu3nk0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

POST
H3 200 rs Show response
ad4m.at/ Frame B9DD 1 KB
2 KB 44ms
44ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50bd0eae9d0f653d9d5754141d9c0920f9854a350ddbd7b6033ae2f3defc9719

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3q0NsOK6nzjdDKDVI45WOdIGbmPKLLlrdshMO2quIBfZi8eRQLz%2BA%2FhItBnsgnU44UJmGZ4fHHWKhkU9gWrZEZLADpnEdH6r1yq5O%2FitbZQLe3fRWhkyC5WYhgdOslDXTgr4lA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e909baf99193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 41ms
41ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e9097aa89193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyfPaM1ZW1nyzNaQtR64rLxaf61MgDM32EzQhaLjxvuFTHG2A4%2Fi5gMbKBH3zsT5bEbyKRWWb%2FwOkfDwEX7ayd7uXqO9iSToxkswbsafDGEfPEk5mH38D%2F7EsApqZUoNpWThm4g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

POST
H3 200 rs Show response
ad4m.at/ Frame 2FED 1 KB
2 KB 44ms
44ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02aa8e2c96f3808f0736a2baf18cd71097138935b353651f7730ee535910eaab

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Sk47nk3vaEfR5NI1ZjV%2FtOtvBiL4piX8KpCahCn0GQuzLrAzX7vejlBo3G2eXjDYwkl4smijGUMbb%2BdyXpqsIKYqDIijwVaJCGCwGyU6VC7k5%2BuQJEwiV4eeW1Uu4RvqCoCNXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e909baf69193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame C1A1 2 KB
3 KB 44ms
44ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hdjme2qwrk1y1j85brqw0kneghnv8g6tq3d8x01d1cgaj8qkbjvf6cs4z7f3sk4jy9h58qmm10xnd1ja2jn3y8sst4jqa7smdqgsh4vj36fhpaqhree0h2tr7jjkq1deb63tx15qdx5wnvnd98rr3rebn54yn7cqfrpstr4tzgm9b810wx9bpjvbam7861832xd2hbd9rvmwnvmy86aqnfdhtfk6njzmq68y11vrzqfy58gks6r3c7tekv6z2a9rx2e7nedyjae0afbyt81c01qa9ryvvvazfy2atff9k2b0k897z0ddb2q5cdbfpge369cj079b1bgjs9m6v1r7r8x7tvjrx1sdpsdrhpxakwe0e4vg491sh0hezs53zjjsyt3t3bn2vhxncscej2nb5y1zy33ncwqsvvsr459t867a989wq3z3w817n6nqjh8ab3mc0v6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%26num%3D1%26sig%3DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%26client%3Dca-pub-8737793389671535%26adurl%3D

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c1ac1513adc273cad8f8c65f367b6fe70a779c9e267999e332be8bd3169f69

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e9097fdf30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 8954 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 14:56:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B2BF 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 17:10:44 GMT
etag: 48472445140208031
expires: Fri, 19 Jan 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 8954 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:03 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8954 24 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8954 206 KB
65 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:25:24 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame C61A 2 KB
2 KB 58ms
55ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ddb732921760d11a169c7193ae1421bbde3a687eef1ed89c2c0fcf175e6e869

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOzioUgQd0pASZqoFcRZBlVs5GNLR7pNJ5gTNB2XexewSZ2KTKP7qzrYe5Xgj%2F9WBR%2FbKTf5JY5uFVf37hSUGx1o17ntg%2FB4vDuwQ9NYZX4odkkYeP%2BAcCcBfyhdtSd%2F2h163M8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e909db079193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 87EA 1 KB
2 KB 48ms
47ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c213c6af5e6b1cacdf2ef6964af8ede5654366f50f7d7c5de0e3184f45946c2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZAZDQGkB1%2FnZfPwiOe1OUsFJfmAnQmIEHRwOT1jz3gTXjr4CpiQ8cYcnaRfHZpg%2FlnAP560wi9kt6b4ScaKD35CHAguESUgAL%2BsHuEg0imme6%2FrMZJJc1fYdO6PagO5qmU1EyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e909db0a9193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 47ms
46ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e9097aaf9193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvPY%2BqRjrcSm0RdwUHTdiRjxZaWB1VUuNB8yTSIXoNv0CLemzh3g97TAIXKHZzzR2ZvmThdpifxxF0HiOjl1%2FOAiPOn8tfb5Ho5EDMseIyaSXE4fNZOoSus8Ep6GhjBWa4fFs3k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 48ms
48ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e9097ab29193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTMVjIOS8bXpTX63EIHXhjv7IghE0GEVB7N4mI6U5TZmNr8PuoMEBr7qgWi0HwEJ12zwDl8aGg4cZfFfuuzTTNmZdCLIf2NHVnQTuAPx9PBl1aHhtMxwUkDuxy3DCg4KU18R2UE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4FD3 3 KB
3 KB 49ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=0795b19f7aa8586d55b3a66b5f59ba07%2F7760633811250529273&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjtva3bs5ne7w2t1ay7k7485950w6cycetaxhmm1skshr0vmr8qxrjwm0khq7n0k2rj2pahjqf2frnpbm7w7y0b2d0dr3fktzkk36v0qenm64d2x6yq2xwsct65js4p6tckc9a9ny01x22s0pb190w6hh5yvq0cezgaw6xc9wvffmqhe49m6wk4yv6z9tc7n88wq51tnp3mmagdd9ghw907qw998afp0grgmq281yx07mjttdkj5a6xvc63qkqejp2wzv7st9yhr7vda61g5cst%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d978f3bea3c4b7f772b7a2a66fe1af0d86e36939148993ca8cd9f4c3fbc937bb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k82fwaa71m9y1h8a1jzq5kdmv4t8ykfrfnxzfh6n4yjxrp63rfh96nj2h9aq9awdk26znkgx5y2jgt0xhf64wzayrgmtfx67qcqwypnpp4hpqzztdp2sbmqcy7qgf2a2s4bwc4c406w61pge3a8qkhvnvnjj3raxka4de3kqkpk6npdt266p1dekqyqhsrj9h8ck478mzgdvjjpzkqj7drznc55mxengzwgfy24r6q2ag3zwhgdyz6k8sdrhg7stkspfgjk1np73r4vsq0dcay0tg9ncgq8xtnnaz67c3xgza1d0g4x4qjvsacgaccedfbmfwj131xfegqtq85tzxqvwm6yp2x3mvkdqj8yznv2j7ck453c7pp84avq046eytx2rzwx5czd1wgm7p43vjzazm7ftgdq7dzgabe6t0p3ngwhfnbw63v9xcyb16gnxvvyynr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e909a80a30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 8954 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1350543f8418a32e0683401e8be6de68568a96ffa6346dfd7c88f3dbcae111

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B2BF 0
103 B 44ms
42ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGXN7jZqr4DNoObMVrYVJpI&google_cver=1&google_push=AXcoOmS-WOxWVtLq2asDzba6sbzkX_0SgoBL0WARUtdwoiECZwqNOosp3-usHCoGTNJxP3nh1UzCgi9EbCg3vo_ifdg1OQAYyKIj8Q
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2BF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE01uxT7Wx5H7_16gsl_wMI&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnluVTVvQ1AxUnF6VDU1&google_gid=CAESEE01uxT7Wx5H7_16gsl_wMI&google_cver=1&google_push=AXcoOmQwFM0n0VFGRCVsUgp8YA_ZlXqgr40husK1-1cuGEL...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnluVTVvQ1AxUnF6VDU1&google_gid=CAESEE01uxT7Wx5H7_16gsl_wMI&google_cver=1&google_push=AXcoOmQwFM0n0VFGRCVsUgp8YA_ZlXqgr40husK1-1cuGEL-semGpP2h9gQtZZuwJxeKR8IW2fG-xlul6nu1WXbc23xn74ckGAtvuA

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 21:25:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnluVTVvQ1AxUnF6VDU1&google_gid=CAESEE01uxT7Wx5H7_16gsl_wMI&google_cver=1&google_push=AXcoOmQwFM0n0VFGRCVsUgp8YA_ZlXqgr40husK1-1cuGEL-semGpP2h9gQtZZuwJxeKR8IW2fG-xlul6nu1WXbc23xn74ckGAtvuA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2BF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDPdXl4vXFN3puGQbIXo9Do&google_cver=1&google_push=AXcoOmR0asWx8MOleqHM_qJQC440acl6LVYJsElDFZ4rHsJMiDAaYs3NRORnQpidwtq1QQx2r4bxK2xB-N3Afj3XTFGMHvs...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR0asWx8MOleqHM_qJQC440acl6LVYJsElDFZ4rHsJMiDAaYs3NRORnQpidwtq1QQx2r4bxK2xB-N3Afj3XTFGMHvsxlQBRnw&google_hm=eS1tREVzSF90RTJwSGJV...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR0asWx8MOleqHM_qJQC440acl6LVYJsElDFZ4rHsJMiDAaYs3NRORnQpidwtq1QQx2r4bxK2xB-N3Afj3XTFGMHvsxlQBRnw&google_hm=eS1tREVzSF90RTJwSGJVSDRrZEp4dHdMT2JaUjYzeXdFSX5B

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Jan 2024 21:25:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR0asWx8MOleqHM_qJQC440acl6LVYJsElDFZ4rHsJMiDAaYs3NRORnQpidwtq1QQx2r4bxK2xB-N3Afj3XTFGMHvsxlQBRnw&google_hm=eS1tREVzSF90RTJwSGJVSDRrZEp4dHdMT2JaUjYzeXdFSX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B2BF 43 B
362 B 29ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTv8ZekCrAwO-4FAdVZ3mKm9LRTZ5ry3cz81hwXK_6bu7at17ZLGeJDirv3XtjD5mqkhu_VsCeb5UymA_3RnMxO4ZuKcaxsKg&google_gid=CAESEP4pIs9zI3dqSe4I3vOUwTg&google_cver=1

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 205657
expires: Thu, 18 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2BF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENPIOG-jgjzIENIkthbOIKA&google_cver=1&google_push=AXcoOmStr9dF3WiTGm79-YBpI9nC9XVh6bPwkVypOlo0hvkkg3d-Di57_Sx_4S1JJDOMqaZzaTl3j_af...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmStr9dF3WiTGm79-YBpI9nC9XVh6bPwkVypOlo0hvkkg3d-Di57_Sx_4S1JJDOMqaZzaTl3j_...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmStr9dF3WiTGm79-YBpI9nC9XVh6bPwkVypOlo0hvkkg3d-Di57_Sx_4S1JJDOMqaZzaTl3j_afRTV9VkumHhYBIl97uzMB

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4NjUzNzg4ODc0MTQ1MjEyOA&google_push=AXcoOmStr9dF3WiTGm79-YBpI9nC9XVh6bPwkVypOlo0hvkkg3d-Di57_Sx_4S1JJDOMqaZzaTl3j_afRTV9VkumHhYBIl97uzMB
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 200 dds
rtb.openx.net/sync/ Frame B2BF 43 B
58 B 29ms
29ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJJKyvXRwA3VGlhB4u_08Vg&google_cver=1&google_push=AXcoOmSBQVNGtMtd_759PjOFaAQvXlcq3x3nTvpgDBrhzp5cKTLoCtWXCkMDZfuqcs1sbSnFgJoBTqf0fD_otaFLZURi6W1X8yma
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame B2BF 43 B
145 B 23ms
22ms Image
image/gif 18.192.16.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAEqjlTZuGrsNwW0-a5aWuA&google_cver=1&google_push=AXcoOmSKWO3kb3vYJ_MTUhZBWOqqQpb7X0G5fx0DAq_ji86vh43esY4k6F_7Ag2whXVQDyhRyL8rt0GcR636n4StjNq4S7MjakDjCA4
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.16.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-16-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B2BF 0
12 B 30ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IEiQuPhkoLDigJcpNyT1ze0YOoKa_bYESnr6S7ws-OYgpkxon9nSto29VmdY_LeE2MJPVoRw

Requested by

Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame DAD6 3 KB
3 KB 48ms
47ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019&b=Rx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=50&e=&g=8c6452da297663b6e2690788bbc887d2%2F5576148969009994260&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124068&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hawzpj54exkcbkrc9m4rtwx3xxfdc5jt57ha2yqbssnndchkwncb2vdd08rmzqvmfqqmfybchsn5nd233x40ehnc6e7tkwcwj1a6q1m5hwkfr88q0qncr8qgf4cns3fbzpbwg8snnep0zxftj8fy2f96dbtbj6cv5fhd8qejc34rq9ax75nq7g8540thntkjd51m7600pc9davtceecp802m7ep01a7c64eb5409xa02xceyn9ykx17wykz4s4r61g14y6pjymnjx6th83vg61h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048494d3c4633e329acd8bd73e74677965c75e3fd8d98919979e215d1ff5a830

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jsqdqm9ee35ee3gz890c88g4qt219rmksvyhd7skyt4x5vwc7v6kcst7psk0hj8q17awpfcxbgvamxptdtcce5h9be70bh9dq0zc5s6xbwyy73dfea3d8ge91vn49f8efcfyenmksksevha0nh8qwgwk84b39qngy58dq0nbnckfeznkcsx9d92pfsrassqx5d84y9v5j030d13retra42xcnsgb963akq3j590ad3a08vzmy0zqh0px55vp0ey61g28a6svf2kz40rab5yynvtdtdx8h6s9c00eagcb30njjnbp4s0pndrcye7t849gdepb2r1hnnzse08rdftrx7x92zj9k7pv34xbrn1e1gbjv5kafs01paeykvc4k7q4jymb6vyfevhm48ak7dxqpah4q17v8c3hjkx003mgtseczxj4yk1spqz2pw36r48sm2pwk41&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e909c82f30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C1A1 115 KB
14 KB 34ms
32ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hdjme2qwrk1y1j85brqw0kneghnv8g6tq3d8x01d1cgaj8qkbjvf6cs4z7f3sk4jy9h58qmm10xnd1ja2jn3y8sst4jqa7smdqgsh4vj36fhpaqhree0h2tr7jjkq1deb63tx15qdx5wnvnd98rr3rebn54yn7cqfrpstr4tzgm9b810wx9bpjvbam7861832xd2hbd9rvmwnvmy86aqnfdhtfk6njzmq68y11vrzqfy58gks6r3c7tekv6z2a9rx2e7nedyjae0afbyt81c01qa9ryvvvazfy2atff9k2b0k897z0ddb2q5cdbfpge369cj079b1bgjs9m6v1r7r8x7tvjrx1sdpsdrhpxakwe0e4vg491sh0hezs53zjjsyt3t3bn2vhxncscej2nb5y1zy33ncwqsvvsr459t867a989wq3z3w817n6nqjh8ab3mc0v6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%26num%3D1%26sig%3DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hdjme2qwrk1y1j85brqw0kneghnv8g6tq3d8x01d1cgaj8qkbjvf6cs4z7f3sk4jy9h58qmm10xnd1ja2jn3y8sst4jqa7smdqgsh4vj36fhpaqhree0h2tr7jjkq1deb63tx15qdx5wnvnd98rr3rebn54yn7cqfrpstr4tzgm9b810wx9bpjvbam7861832xd2hbd9rvmwnvmy86aqnfdhtfk6njzmq68y11vrzqfy58gks6r3c7tekv6z2a9rx2e7nedyjae0afbyt81c01qa9ryvvvazfy2atff9k2b0k897z0ddb2q5cdbfpge369cj079b1bgjs9m6v1r7r8x7tvjrx1sdpsdrhpxakwe0e4vg491sh0hezs53zjjsyt3t3bn2vhxncscej2nb5y1zy33ncwqsvvsr459t867a989wq3z3w817n6nqjh8ab3mc0v6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%26num%3D1%26sig%3DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%26client%3Dca-pub-8737793389671535%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8gw2CPZtgQMIniZlQPm7O8Wx3Ny6Lc3LQ521x5FjCdHRI4C2FG6ICtmbnHqIRQMRmTFChc1UQcyflUYa%2Fys7KU6%2FkoPFnS14hp1BmCTiYY%2Fp2qSHD3UXphEHqhk5WR8aofdjilx6Rc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e909c83230d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame C1A1 24 KB
10 KB 32ms
31ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hdjme2qwrk1y1j85brqw0kneghnv8g6tq3d8x01d1cgaj8qkbjvf6cs4z7f3sk4jy9h58qmm10xnd1ja2jn3y8sst4jqa7smdqgsh4vj36fhpaqhree0h2tr7jjkq1deb63tx15qdx5wnvnd98rr3rebn54yn7cqfrpstr4tzgm9b810wx9bpjvbam7861832xd2hbd9rvmwnvmy86aqnfdhtfk6njzmq68y11vrzqfy58gks6r3c7tekv6z2a9rx2e7nedyjae0afbyt81c01qa9ryvvvazfy2atff9k2b0k897z0ddb2q5cdbfpge369cj079b1bgjs9m6v1r7r8x7tvjrx1sdpsdrhpxakwe0e4vg491sh0hezs53zjjsyt3t3bn2vhxncscej2nb5y1zy33ncwqsvvsr459t867a989wq3z3w817n6nqjh8ab3mc0v6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%26num%3D1%26sig%3DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%26client%3Dca-pub-8737793389671535%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227067
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdsjgFjxu3c74fEnQn1pif%2BfRkwmtjSGv32Q5%2BCW6f54sVwikXna%2BoXPO%2BTP36MHJ85JvoER%2BMnt26Es6Nb15h8pC1BvlGNaPsY%2B74oePMgELQc5RrW5uGcDJG5PEIy2f78Ev5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8479e909c83330d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 7847 3 KB
3 KB 45ms
45ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=320&d=50&e=&g=ca6cf9288b5ffa853a40754ddc07265b%2F17633747351325930973&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124072&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr2scez6rxe1adtasmt78cdtybmnj45cad7je9jxcxq9x2az4cm2b0ftwweec05j9banxtbrssvw4j1bk8t98ex83qw11hkxv8mycgfv9c26rcxexg7khj73274rn5fq330mpyt4q45qm9fda9t1h0trk99d7534ynq4fc94y3r58d935kaxmcxebbq6gpcjxjpgb5wfnrz82b8gfrjbm6w1k7jy1sthmr7e2dn2hep1tydqgkk6c5sfgveth9w4hsxqkw2akkdj7kksc3bg7jv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd70411051c47d7bc01d3c9cef56c5da750ed204196b287ee314b14bef36163

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1je340jfd228zvnf0q95ga1ft02vnq4z8fq0ykmcwnj0mbxgxe3kysqeszd6exnb87ysqky0z8fzdskeq84ecve03k57ffd57zd65q08ebm5vfg4jkgbq421enfwaz2kvq5n5yjw7dk1wja8cmewa6f7knpveqz3kvsfwfrmmdg1mg688nffz0ecbrn699jb76w4fhanf7sbp6km6dfk2jtrdf1cqgns948cp3b3shgfej0528aq2pqejtmsb5cyetjt280gf8ryd72tavfdmft3wb28ep35p5et7npbypmtx6ytb0caqt20kt83s4bbrn4w7vs45ee0y3jgq7ra0r39gpxz33qbwb6aw4ye36afk9fdtrdhydgs84y58ysjqpxvdz4nz5njrg3f08xmnq39qdwyj58zfdppf0f80vbwa7wpnp3k0sqmzt30x2hrneczbdyj&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e909d83b30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4FD3 115 KB
14 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=0795b19f7aa8586d55b3a66b5f59ba07%2F7760633811250529273&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjtva3bs5ne7w2t1ay7k7485950w6cycetaxhmm1skshr0vmr8qxrjwm0khq7n0k2rj2pahjqf2frnpbm7w7y0b2d0dr3fktzkk36v0qenm64d2x6yq2xwsct65js4p6tckc9a9ny01x22s0pb190w6hh5yvq0cezgaw6xc9wvffmqhe49m6wk4yv6z9tc7n88wq51tnp3mmagdd9ghw907qw998afp0grgmq281yx07mjttdkj5a6xvc63qkqejp2wzv7st9yhr7vda61g5cst%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=0795b19f7aa8586d55b3a66b5f59ba07%2F7760633811250529273&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjtva3bs5ne7w2t1ay7k7485950w6cycetaxhmm1skshr0vmr8qxrjwm0khq7n0k2rj2pahjqf2frnpbm7w7y0b2d0dr3fktzkk36v0qenm64d2x6yq2xwsct65js4p6tckc9a9ny01x22s0pb190w6hh5yvq0cezgaw6xc9wvffmqhe49m6wk4yv6z9tc7n88wq51tnp3mmagdd9ghw907qw998afp0grgmq281yx07mjttdkj5a6xvc63qkqejp2wzv7st9yhr7vda61g5cst%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQr26D1FPOAhWQpykG6QJhV9oCZjGzyf3XilyTUfABc%2Fxe6w00xgPs4E%2FYfrheQIhMN3rq4roEIxge54dyk3qPi2PPBNDT84hbXXaGEouxJCc4psgfeLTn32LmRQeHDRA2C7JebiO1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e909f85230d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H2 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame 4FD3 6 KB
6 KB 30ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=0795b19f7aa8586d55b3a66b5f59ba07%2F7760633811250529273&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjtva3bs5ne7w2t1ay7k7485950w6cycetaxhmm1skshr0vmr8qxrjwm0khq7n0k2rj2pahjqf2frnpbm7w7y0b2d0dr3fktzkk36v0qenm64d2x6yq2xwsct65js4p6tckc9a9ny01x22s0pb190w6hh5yvq0cezgaw6xc9wvffmqhe49m6wk4yv6z9tc7n88wq51tnp3mmagdd9ghw907qw998afp0grgmq281yx07mjttdkj5a6xvc63qkqejp2wzv7st9yhr7vda61g5cst%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 698332
cf-polished: origFmt=png, origSize=12441
alt-svc: h3=":443"; ma=86400
content-length: 5676
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:47:18 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cv%2FLiFP1zbLiVZSMxxrH09v1luEowH1h%2BqHwbHwytNLgG7Vm97l3RDkv5uLJarSVMZ1M6MM38hWhO4L7NFZXtXz4%2Bxyq6TO0lxRCJeKDL5sKIHd5K6GZYTvSnM1kwD8x1lZeN1v76Rqrc36j"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e909fb109bc2-FRA

GET
H2 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame 4FD3 35 KB
36 KB 32ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=0795b19f7aa8586d55b3a66b5f59ba07%2F7760633811250529273&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjtva3bs5ne7w2t1ay7k7485950w6cycetaxhmm1skshr0vmr8qxrjwm0khq7n0k2rj2pahjqf2frnpbm7w7y0b2d0dr3fktzkk36v0qenm64d2x6yq2xwsct65js4p6tckc9a9ny01x22s0pb190w6hh5yvq0cezgaw6xc9wvffmqhe49m6wk4yv6z9tc7n88wq51tnp3mmagdd9ghw907qw998afp0grgmq281yx07mjttdkj5a6xvc63qkqejp2wzv7st9yhr7vda61g5cst%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 535871
cf-polished: qual=85, origFmt=jpeg, origSize=36074
alt-svc: h3=":443"; ma=86400
content-length: 36044
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 06:27:23 GMT
server: cloudflare
etag: "7850b9052be937f41ce82bc92c12f968"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t44Ir%2F76oChWhXbzJrjS1yQs3v%2Bo37%2Bi%2BxQtv3MpSVpGLo8RenjDopIfgMU9sF%2B01kvrEOkEKU6W4GTRiH0AaT6aH1pmRJ%2BQa3pYf8gGSL7REKmBIDFqdBaqpHahc4RpC6i8sje3z0F%2BwOTC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e909fb139bc2-FRA

GET
H2 200 view
t.adcell.com/p/ Frame 4FD3 42 B
459 B 108ms
48ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=0795b19f7aa8586d55b3a66b5f59ba07%2F7760633811250529273&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124042&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gjtva3bs5ne7w2t1ay7k7485950w6cycetaxhmm1skshr0vmr8qxrjwm0khq7n0k2rj2pahjqf2frnpbm7w7y0b2d0dr3fktzkk36v0qenm64d2x6yq2xwsct65js4p6tckc9a9ny01x22s0pb190w6hh5yvq0cezgaw6xc9wvffmqhe49m6wk4yv6z9tc7n88wq51tnp3mmagdd9ghw907qw998afp0grgmq281yx07mjttdkj5a6xvc63qkqejp2wzv7st9yhr7vda61g5cst%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4FAHQpepZeCdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0Ett7skyQfoYRRPKpiX9WgXdPcMNWDJ4nTInIxpolEr0y8H6tIF5ELWg7Ag17pMRJia3KvOSoNO1ajzSG8PsVP9zZy3FhZQ4uimw5zyxlN8J1--hLUiEekCruKRdCxGi4MkvWRtZh7P9qNNjeAat8OccFiw6td_zEBnZ6WWduKUhl58QMqgVRnSB3K16UBNaQiuZxTdKV74fmjY94UqCcFT34_P_cXlnIJJwKlJ69EyiJzmH3fMxiz8qukSXXXuFWhxarZNAD156hIEAp45_FpkvBUbBFWYms-5quea3K93K54OUq6F2f04ujZ6evrJLSK3dGDz5yQbbMTbBOSmNsz6wzmlG4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiYgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1_n6-vsi77KJFloNhNiGuHizwxOQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
strict-transport-security: max-age=15768000
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C1A1 350 B
885 B 34ms
33ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5130371
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpsZ0br3f8xW%2FJacjriMyWqVK8GNmsPidiW7PAQBp%2FRBr2WlncwvhKm9IdZnC9YKjX886fSqYtogrG4%2F%2F9yHOS4iBiocXJLEE2biM3GhStF%2B%2Fd%2B0q22n%2Fj5ykWDMX0XgJB15W3p%2B3jmfE%2FK8S2mPIlCS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a0c293610-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9F12 13 KB
5 KB 46ms
45ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2059abd62958a07b415390e21f5036e2bb0e868d822d2604b1a376266476597

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h8pnxxp0v725nf0drkjesfq2hypgddh1pmjm6m6a132xmb962sa9ecnqfmhandkwe4br4mwvdb53mhvxcvrh4t7szymapg7bgdy40w7dffcm6mkn13fendbzxhdy64g0j7nfg8mfpttxr1zha3zcwew9dy84zcfqx46swyf6qa0vxn1jrd1sf0f55n06mfsx7chyb61d6a8g0akxqdkv26r0vnd5bjh8vk48b3weawa0sxfcm8z5dak713w9tef9eb99fekpw8rraevyh8jzq9e41dqnp8930eavan5813qjjpeg47dfp9mzmg5eypsz9c9h21jbfz2tkjhgjwjb2s0jsaqfk1670tph22c3ffk6v2ty7nawgfx0q7wapxe6073xpxyrk87d0t7t09bkaatc8523a1qr6tpepncw177xqfh64daw1w0prgn0kyzee8jzhz1dm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%26num%3D1%26sig%3DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e90a086a30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 00C4 2 KB
1 KB 33ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64509
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8479e90a086c30d8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVyuUMatSPwML9JIJwvXf%2F0Zt9j4%2B5ynC%2FZ2F9xzFwy39a2t%2BDvAsTMf74nfB9wn78eEwHvBvHXJ5CLotCTzTKnGG2cTykI3peFWOwEDjO3jBk932NkIfMkf9mm%2FN8AAWCM8Hyc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8815 4 KB
3 KB 48ms
47ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=d732031732cbe6f4eec8fca0374bebe8%2F15050855953402232539&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j353jxc9qrz19cf1s2ex4jywzkpzk5d1txg60d9wtrb4wjwarpkcstk0jfbma5k0bakh2m1yh1mt1k6dnabyey6c3g1pvfyfpeydt2t0vgdtp43k0ahx99jr7kzhkrn9d3qnwr7de9d1j5f0wh55m701492q8h8jeth3v4a67qhjtk008vjq7wn4c3qygb5034z82shekcxxq36mrn28sheqkbxkaxa08m1tmq0496zhq4z8bsj1mrv300436pd0dkmavt2nm5z8x8njqkdcyh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecd80aec7efa6bebc787c571235a0572c88bf0eb0f6878b3829a817c46eb9751

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1ke86mf6dm70xvm7jqqxnb8nmcajh1x2pq7reyze8yr34stwmm2xznwm633q7tz3xq6qgnt6rdt4mk8vxz70jcxvt7qxbq199h8gbcv49rv0azyzcarfa4vn27z43h5398gw0pmq4t6z6p89m4ts487rteyepkhmr5x80n2y9sdameck9qm8phh3ssz858rehnzcqq01czaqd68te1v23s4tnzea2nhv9x72sp5gpy78w3pa3kcdf9e4h1y0zrr18p8r3etsdgh8wbwppe5v3d3t3h6v1cs4tjms1gf54qqw1336wyv1v493wttzc0d7q7z5fhpvq6c02ybjp9wn8fg7f8025pt40rprfgp22c9mnqdpesvwfnsyfbkqde20rk8s71xc9w38fzhsp8vpxk2ezjb7gesyh90x6rznb17j8272kz3a0qxegeasqjgpmqn615r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e90a086e30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 3819 4 KB
3 KB 48ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19491&b=EjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5&f=ADYaYfqf7JdtAHRH4tMCMMGsRS4TRrAH3JMm&c=300&d=50&e=&g=f1811c35ca41d34fd65ae3a475b0e4e5%2F9585655961760570765&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h6aemsdhc4kk1s4jngmaf3wakmv8zv0jhczy80hd8egmcqzxjdd6s018fxx57a29swsk2fjzb4sp7pnabxzz77zdr8bqzfmvcvjwdxwfmcasc30arfqc0rqmv1c0xft6979x91y7pktcht9x3kyqmnmg0pnmg2qs6x5nf8a9xjmt8pjjqvkk0gn1kcaw4nmz8p0htrya5pqy6d7p6y0cykpzfme8871m06f8axhq4gwjr3nnvvhmkqsmb0jp0qe440ky656k3b0yfdvzw133vx3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c73078a13c886962bb3111e88db6906e6ce61ba2c58b599d6689c6cf9debe3a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gc66tg9cfq6j4pfazv716h1m5e0gdarh678z4qb88nrypsdndqfvgn5nh09kta5bgyjhpwn3mfvyq2p9fz33kf8axbv5b6k8q33y85ffgv4qnh6v4jcg7mgydq6wr70zdpq92sgqbtjmpbb60a03rb38915b5rcyv0ckms29ftsqvn2khhvtpb3gf5cnscdb7sfmws2zhvw0mrjds6x7dvh49qjgjy22t7evqfdmtnj0z4dws20kd68abwzjxe44yj0s4yn7et8pabq535wvs0d7wbz19hx119276vgxp3q3vf4d9086reqy8nd037jy1s3dcsc0h3fx7p5hf683v8kc5ezn5jfxkzzdmtreqbk3aapdp6r36bv7pp2edk98hwdbdb0w9fdybd71yhkq9ybrz5te6kaqpsd20pc53f0nqg8ayqqz3yk6hyg9eghka97pe1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e90a087430d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame DAD6 115 KB
14 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=Rx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=50&e=&g=8c6452da297663b6e2690788bbc887d2%2F5576148969009994260&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124068&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hawzpj54exkcbkrc9m4rtwx3xxfdc5jt57ha2yqbssnndchkwncb2vdd08rmzqvmfqqmfybchsn5nd233x40ehnc6e7tkwcwj1a6q1m5hwkfr88q0qncr8qgf4cns3fbzpbwg8snnep0zxftj8fy2f96dbtbj6cv5fhd8qejc34rq9ax75nq7g8540thntkjd51m7600pc9davtceecp802m7ep01a7c64eb5409xa02xceyn9ykx17wykz4s4r61g14y6pjymnjx6th83vg61h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019&b=Rx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=50&e=&g=8c6452da297663b6e2690788bbc887d2%2F5576148969009994260&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124068&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hawzpj54exkcbkrc9m4rtwx3xxfdc5jt57ha2yqbssnndchkwncb2vdd08rmzqvmfqqmfybchsn5nd233x40ehnc6e7tkwcwj1a6q1m5hwkfr88q0qncr8qgf4cns3fbzpbwg8snnep0zxftj8fy2f96dbtbj6cv5fhd8qejc34rq9ax75nq7g8540thntkjd51m7600pc9davtceecp802m7ep01a7c64eb5409xa02xceyn9ykx17wykz4s4r61g14y6pjymnjx6th83vg61h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fygnz2q%2FXiQ132VRtHQpgnoPgyphzYxAhbXnUlc9ant%2BPCme9kb4EVKRqADMXquHmIZltUI3i9QExvVlCEUk%2BTIdMU0iRDHNdWxkK3RgG2BHU2mwZySssgfzFtey%2F8U6z26bCTHEd7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e90a288e30d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H3 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame DAD6 7 KB
7 KB 35ms
34ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=Rx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=50&e=&g=8c6452da297663b6e2690788bbc887d2%2F5576148969009994260&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124068&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hawzpj54exkcbkrc9m4rtwx3xxfdc5jt57ha2yqbssnndchkwncb2vdd08rmzqvmfqqmfybchsn5nd233x40ehnc6e7tkwcwj1a6q1m5hwkfr88q0qncr8qgf4cns3fbzpbwg8snnep0zxftj8fy2f96dbtbj6cv5fhd8qejc34rq9ax75nq7g8540thntkjd51m7600pc9davtceecp802m7ep01a7c64eb5409xa02xceyn9ykx17wykz4s4r61g14y6pjymnjx6th83vg61h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 533996
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHC%2FRcMxU4jQCMHiY4H0QgLPOKcDtINa4RLb1xlnE8IPw17AR%2F5xGGbQ5nWiyihzZlNBEey9ZRqD6Wl7i0DDxvSFHdStB0Betr9Pd4u8zSp1uyO03xtye3k%2FLu0J%2FJm0Huf9fkiNU2bG%2FSPj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a289030d8-FRA

GET
H3 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame DAD6 25 KB
25 KB 33ms
33ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=Rx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=50&e=&g=8c6452da297663b6e2690788bbc887d2%2F5576148969009994260&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124068&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hawzpj54exkcbkrc9m4rtwx3xxfdc5jt57ha2yqbssnndchkwncb2vdd08rmzqvmfqqmfybchsn5nd233x40ehnc6e7tkwcwj1a6q1m5hwkfr88q0qncr8qgf4cns3fbzpbwg8snnep0zxftj8fy2f96dbtbj6cv5fhd8qejc34rq9ax75nq7g8540thntkjd51m7600pc9davtceecp802m7ep01a7c64eb5409xa02xceyn9ykx17wykz4s4r61g14y6pjymnjx6th83vg61h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3762067
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dIbyglYITSytMoMXGsChlzCYB%2FLFh9o%2FWIc0jWKJCKZhqo6BadYDcx3LxMVG%2BVmxeJ%2BqFSV00Aj3AxshWKqscOAjFc2PnTGC6JBeUa63Qr2S5T%2B2Y8Fk8%2FcpUo18wyy1%2FOaGnzPExprSwHE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a289130d8-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame DAD6
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1705613124_1781ff00-b648-11ee-9c4b-223173d2bc6e&insert=AW&&gdpr=0&gdpr_consent=

0
493 B

89ms
36ms

Image
text/html

2606:4700::6813:afbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1705613124_1781ff00-b648-11ee-9c4b-223173d2bc6e&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=Rx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=QxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=300&d=50&e=&g=8c6452da297663b6e2690788bbc887d2%2F5576148969009994260&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124068&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hawzpj54exkcbkrc9m4rtwx3xxfdc5jt57ha2yqbssnndchkwncb2vdd08rmzqvmfqqmfybchsn5nd233x40ehnc6e7tkwcwj1a6q1m5hwkfr88q0qncr8qgf4cns3fbzpbwg8snnep0zxftj8fy2f96dbtbj6cv5fhd8qejc34rq9ax75nq7g8540thntkjd51m7600pc9davtceecp802m7ep01a7c64eb5409xa02xceyn9ykx17wykz4s4r61g14y6pjymnjx6th83vg61h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtPB9QpepZeKdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0OtZ1_I-FReEEu1b1XYJN7Bo-IPb6lpnjj4x4oVcoW0j6giPr7UZA9-tRlOAX5guRohYqP3Y67j0ZLS2vaEhFPxgP-QuS2J6usst6MR8vgRRpgcfHmqd4WA-5igH-y379aEJN6Wj6335NyEFWWN6_H-C8AjC63TyqNiL44QRKZ71dhPVJIR-RjkXfTFmYQB3qJfF7xaplm4s8-3WQRiM-IjXI0R1Nl8cokKwjrOU78ncOPTNLxX_9hvte2YWSqXkRFtA0VU8elAiyTV4rOKgxheNd0dlZrlpX78DkaNGYxmeoME7Mi1-kCy92hIZ9Ye6C75r7c9hohJIHtGXknpbBYkM4uAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMImoGzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1zwwti0WAFL0ikk2qmZuL9tYhPIQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 8479e90bab5865c4-FRA
content-length: 0
expires: -1

Redirect headers

Date: Thu, 18 Jan 2024 21:25:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1705613124_1781ff00-b648-11ee-9c4b-223173d2bc6e&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6571 3 KB
3 KB 47ms
47ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=199445&b=Rx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=QxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=300&d=50&e=&g=7b4ad5b854ff9ef9bb7978ced8ef2386%2F8179706762366311116&i=30890&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124123&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwgbhy018eewg53ten630360e4zn7cs19hb9rmxrqr5vfmdvqkhy6bn0gp7d9685etm8yza3a49bprebt9wxkwpwwadbms812dbwab72c3ejbm4qr98vn3gdxbdkcrns684gwwywth290qmbfkweqpq9jdh7y4m3nx3kq9a0b4s26rbdq6rc18jpdxcxgdahmtm2g53c9xxbfbfspg3m00ne69g3gf9dskgvtd2mgpefrffvyqhxemeghakwds27q4kscbh04e77b7zf9jrje3s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b12499da5db19098d013673189451de343583c60be315696dabbe3c0bf224543

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jcc5hcpqznnv7mjsj4mx01wzdn22jes4x30x28ddwtrvrjhaxadamy9c3n4pxnx4yfyw9f05q6n65xzmjqveyrckfcbyrzd5xnwp6fehd6127cyzqbx4m7rspmxctgnx0x2phzmvwcqq7qqj35kv21d602fm8t7h6hd1xmjq0bzm2bejhnrpp4rtyxes123grtfktnaybnfwtm5681vbek44wck9ykb618jd4y4dp14ctzx68pgf677bmde26p7shdnxandbcpzaw1hsz90p1jtykkt4cjqp6cm5vgj9fecmf15kmhfnm0t22g9g1e3p4jd9msk53xcch7rwm93p7ejqqa2jbhan3h6p8w8rsvb3swh0f9bg8xwv7q3gey65q6tn03btedyv0zreye6cqcfnmsp0et1f4k07rsw2a21gncqtd3zaj205mhaqshvvd7xedfd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%26num%3D1%26sig%3DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e90a289730d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 7847 115 KB
14 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=320&d=50&e=&g=ca6cf9288b5ffa853a40754ddc07265b%2F17633747351325930973&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124072&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr2scez6rxe1adtasmt78cdtybmnj45cad7je9jxcxq9x2az4cm2b0ftwweec05j9banxtbrssvw4j1bk8t98ex83qw11hkxv8mycgfv9c26rcxexg7khj73274rn5fq330mpyt4q45qm9fda9t1h0trk99d7534ynq4fc94y3r58d935kaxmcxebbq6gpcjxjpgb5wfnrz82b8gfrjbm6w1k7jy1sthmr7e2dn2hep1tydqgkk6c5sfgveth9w4hsxqkw2akkdj7kksc3bg7jv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=320&d=50&e=&g=ca6cf9288b5ffa853a40754ddc07265b%2F17633747351325930973&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124072&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr2scez6rxe1adtasmt78cdtybmnj45cad7je9jxcxq9x2az4cm2b0ftwweec05j9banxtbrssvw4j1bk8t98ex83qw11hkxv8mycgfv9c26rcxexg7khj73274rn5fq330mpyt4q45qm9fda9t1h0trk99d7534ynq4fc94y3r58d935kaxmcxebbq6gpcjxjpgb5wfnrz82b8gfrjbm6w1k7jy1sthmr7e2dn2hep1tydqgkk6c5sfgveth9w4hsxqkw2akkdj7kksc3bg7jv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JjOD4AnA86pGoEKys%2FLU17EkgVl4UFc%2FCxUTHDu%2Fy4omPg2YMNIaQM8N3mYDl9ji47Fj%2B7ZnyUyXV0mJrON3uouy8TGPlRXiZdmy3vaMkQNxzz56z6yFP3Vu%2BsVnlEZvDkI7qfy7Gs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e90a389d30d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H3 200 CE6834AD498963D86DCF81CEFC3C8B2F207262F71B4D750782ACC1A1406885822D68122DFB2A560E5E701C233F87E8D5DDF70708DEEF423D7ACE0B4A3456D62C
assets.ad4m.at/logo/ Frame 7847 19 KB
20 KB 33ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE6834AD498963D86DCF81CEFC3C8B2F207262F71B4D750782ACC1A1406885822D68122DFB2A560E5E701C233F87E8D5DDF70708DEEF423D7ACE0B4A3456D62C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=320&d=50&e=&g=ca6cf9288b5ffa853a40754ddc07265b%2F17633747351325930973&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124072&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr2scez6rxe1adtasmt78cdtybmnj45cad7je9jxcxq9x2az4cm2b0ftwweec05j9banxtbrssvw4j1bk8t98ex83qw11hkxv8mycgfv9c26rcxexg7khj73274rn5fq330mpyt4q45qm9fda9t1h0trk99d7534ynq4fc94y3r58d935kaxmcxebbq6gpcjxjpgb5wfnrz82b8gfrjbm6w1k7jy1sthmr7e2dn2hep1tydqgkk6c5sfgveth9w4hsxqkw2akkdj7kksc3bg7jv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0608f1a7ef6606a2cfffc069a4dbfac115530a028c34f41fdee74025a8e041ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 535272
cf-polished: origFmt=png, origSize=22787
alt-svc: h3=":443"; ma=86400
content-length: 19466
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:10:05 GMT
server: cloudflare
etag: "4b9704be0737f6ef5c79d5399f862263"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMpjcro2YHf3nwK6hQCFRMNhxnXwv0K1n4gbqEgCTB6GhnoWk4AwpQ%2BiH50TXM3ivkheiCfDXc%2BP5m5p7Um1%2FQK9NVF0%2BxnYnEaEMjmgI5WrqtgOCo8V2flFgN3E5WbAcxRQM1CGyshqhfnz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a389e30d8-FRA

GET
H3 200 4B927AAF30F443F7A88AA5F69050293EE8D5C60E263C40829E029C16040D20F6AE81092D665019CBC0DD839F6AFB90D93F94F73A47C1002601D444B61B1C7967
assets.ad4m.at/ Frame 7847 36 KB
37 KB 49ms
48ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/4B927AAF30F443F7A88AA5F69050293EE8D5C60E263C40829E029C16040D20F6AE81092D665019CBC0DD839F6AFB90D93F94F73A47C1002601D444B61B1C7967
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=320&d=50&e=&g=ca6cf9288b5ffa853a40754ddc07265b%2F17633747351325930973&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124072&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr2scez6rxe1adtasmt78cdtybmnj45cad7je9jxcxq9x2az4cm2b0ftwweec05j9banxtbrssvw4j1bk8t98ex83qw11hkxv8mycgfv9c26rcxexg7khj73274rn5fq330mpyt4q45qm9fda9t1h0trk99d7534ynq4fc94y3r58d935kaxmcxebbq6gpcjxjpgb5wfnrz82b8gfrjbm6w1k7jy1sthmr7e2dn2hep1tydqgkk6c5sfgveth9w4hsxqkw2akkdj7kksc3bg7jv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6a31c295e712e8e9e0875189171f743c70a2da3d2b3f975ed577844698fc5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 627289
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 37180
cf-bgj: imgq:85,h2pri
last-modified: Thu, 11 Jan 2024 15:10:27 GMT
server: cloudflare
etag: "9e3ea7345b998abf34ffc42fd4d7f7df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OK3GnAjEiVdX9XFw2MuzctIEfrx29NVELXUFKDAoECfrVouA81Yo635QVDZ3MKAIXlF1J3I4CMRJD%2BkouDyuFpIRm5ozKI4xm0Yis3EprZjaTBb%2F%2FXc0sKxFY%2FxExyf4p%2BpI%2BmZuGUk%2BvlFN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a389f30d8-FRA

GET
H/1.1 200
OK af4ff75e9ff0f691fd8dd53e639ddaad Show response
netzwerk.uppr.de/trck/epv/ Frame 7847 542 B
1 KB 293ms
215ms Script
application/javascript 147.135.143.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneid13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7droneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=320&d=50&e=&g=ca6cf9288b5ffa853a40754ddc07265b%2F17633747351325930973&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124072&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr2scez6rxe1adtasmt78cdtybmnj45cad7je9jxcxq9x2az4cm2b0ftwweec05j9banxtbrssvw4j1bk8t98ex83qw11hkxv8mycgfv9c26rcxexg7khj73274rn5fq330mpyt4q45qm9fda9t1h0trk99d7534ynq4fc94y3r58d935kaxmcxebbq6gpcjxjpgb5wfnrz82b8gfrjbm6w1k7jy1sthmr7e2dn2hep1tydqgkk6c5sfgveth9w4hsxqkw2akkdj7kksc3bg7jv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.143.66 Montpellier, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8379dad3533a173c1a5b6ceb8e4da35e6fb5d015b753e32eab9b89023dce8412

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
attribution-reporting-register-source: {"source_event_id":"12200505250107494","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
x-iplb-request-id: D972D784:B946_93878F42:01BB_65A99744_15052E3:4AE3
x-iplb-instance: 54193
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-https-header: 1
content-length: 542

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5E8C 11 KB
5 KB 65ms
64ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f91e10a47eee634aa17de5148caac8619aa13b76bcd09ed5798d02ab2c1e4e53

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j9jdgmc8n4040a457g2269cm40z3aaexatkn8s5ms7fdkbf4a48x700tdv39gcrf9hpbyxwk1pe7e6qpezq953f9vp9yxdwj2dxxekfrsmbjkx9jqxx79xasfbyxx9g6qjmv87fgmbyw5ra924kzrjx1fbagesysmqqm3h7b5h7dtzq10362jw7rx082es7y208842gc9dhd75e1racn5x5k024h52zn0rkvtyw8bwhcntpde70esx3bdsw9y4v8bge4jvvz4ehdt6t7zz6q2rc4wjs1pxm4rs6qtd1vkr0tvya0beqq615h04p0jgwky8c7xyrk83veqwre3k3jebebds3az63dxq3pbfjfke1fnwh9d080efgesjkwsmqgk3n5ew4ybzc5mwc7c4xv4856w1jyt6gkxmnjtcwd85cfym729t9et70ekhrd5g68wyvw2yrkg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%26num%3D1%26sig%3DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e90a38a330d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8954 0
0 64ms
61ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFzImQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEILWHJgeXbG5PVqt9C4nKiJcz1rYhWgHsgjIlraHe0vfF68fXbhU4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwOACgP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=jsueVrbI8Uc&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_lS9ySNWte3rnkmffjoA8dFmJH6Git8PMX2t66J7IFK2frgHMP6IKgpEsLzeQr0rvRfo6tMwXGAE&cbvp=2&vis=1
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 8954 0
11 B 35ms
34ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g2f19yzcm378n3j3c7s03aq8n7n2a1ws1dra5f73wh6w0aajts6f63nzhys2e2xd1dj436tmp0yye57bsejtnynszhzmsx9xe2dxs08zagxs7t1fqj0adf4t3sbtry0gejv9sn2t45cj9a459d324m6tcy7esg1yg13aemaq66sdkxcc6egmdt748tnvkgjehcf721zcckejkmewywak21zpefak1bbe6jtrd51bq6pnm7qcd4t546y3tnemvdm9426w4g11x74xhcxxkyd0tm9trt0wvg5nwt0vbpfk3agqq18m1y3mh34nrqfhkma7759havthx4sst9aqstckhf6tt6z2cqv8vdzds6zwhxry54j6n5cw1hnrhggr128panbmcm65wys0p8&b=ZamXQwAH0OgH_b5PAAVe4x4xaetUZKKPDqiolA&cbvp=2
Requested by: Host: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9F12 115 KB
14 KB 43ms
41ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDd1SM2KeMLaUVcbWXnZBXr5bJ%2FuIxeCRkq2O9QZl3vQ7eAuhUY6hoErlZdDYDydzOQ%2FG%2F07x2c7KZbmw%2FF0C0%2FZ%2BtqDGdIN%2B0qYVQ3iD%2FH5JHY%2ByhNihCTIPQLlM2Y3R9cn%2FStzX1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e90a58cb30d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H3 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 9F12 4 KB
5 KB 46ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541140
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrTzxn6F9TyO4JGsMvOskwpFAeRK64lsSSrfZcA2WgEfikoSHH4KU6sJCxqXoQBaO40VYCK3UZQYa%2BhFoTqWtvjzGVY0jhFqc8N2NmTaHwL0JpyjHl4vQsuHfRdhxxedIszbyVwCYEs4MqEr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a58cc30d8-FRA

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 9F12 15 KB
16 KB 46ms
44ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3577720
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xG9bDvT2xf6KTLIK088gtYgecvrDJsE8%2FJjZCQSN8QBH1GyZCRveUcywwKWfBvXzVXSOAfsw37AbDBK3U3OsMgn%2F9GQkj4U7PlsY03AcAsgpVIySHadrxsLphGCRXbXDgzM9HA167VuNPSda"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a68cf30d8-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9F12 43 B
704 B 330ms
278ms Image
image/gif 23.199.221.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6Aoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.199.221.167 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-221-167.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 21:25:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 9F12 9 KB
10 KB 61ms
59ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 537695
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyFk86iMPY7qu29Eq92vg%2FHuglKPHgiap7nZY%2BGhGJetgO4YKRvA0ydSsO0enQfXA6BGFZdHm79JzVGJEMH%2FbiTGoANyqYG2UteDolKhRJmpO6mz42zFaBteAmkSkwjeeTcnOnCUzLhJOTgr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a68d430d8-FRA

GET
H3 200 96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame 9F12 38 KB
39 KB 62ms
60ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f69ebf9ca7ae850e32198a052f55963edf2902c4c59db49df9bfa7a00e1cbca3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541682
cf-polished: qual=85, origFmt=jpeg, origSize=40773
alt-svc: h3=":443"; ma=86400
content-length: 38886
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Nov 2023 08:21:41 GMT
server: cloudflare
etag: "a04ac696e19d12e5d2c10644577cb8fe"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xqclb8NRrQj0JhgAdET6y0akkwxyzWyL166fmfCbb7sYQcIT6WAxR1735a8XzMAzAEcxKcBTgB0h9GdyC%2BGujAMtI6OwWpRISW%2FhOtU7RSKzOQUhSGfDpxVe9xSpy7MxdPKmeMSOgAEmZ8at"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a68d530d8-FRA

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 9F12
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CI6yloPw54MDFZ2Agwcdi-wOOA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1705613124_178e0cf0-b648-11ee-94b4-2233c304522e

0
549 B

61ms
14ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1705613124_178e0cf0-b648-11ee-94b4-2233c304522e
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 21:25:24 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Thu, 18 Jan 2024 21:25:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1705613124_178e0cf0-b648-11ee-94b4-2233c304522e
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame 9F12 10 KB
10 KB 80ms
78ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 536466
cf-polished: origFmt=png, origSize=10653
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 11:11:38 GMT
server: cloudflare
etag: "ca1cf24fc82b7541b262f0d4b15a8100"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0U%2BVbfnD%2Fc5GVGSIh3CIlWQ0imCltnB9Yozf81HccfBPJoYz98N%2FmTreyem806jbhLQV%2FaS29VVMGQC%2Fl1dWaQlWNRYXQhJPJbvI%2Fo41fi0RFvST8wRdlU7a%2FJD1Vypj8%2BSafjuuN3JRN9c"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a68d630d8-FRA

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 9F12 28 KB
28 KB 81ms
80ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5678459
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28452
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:32 GMT
server: cloudflare
etag: "ad60aab65075d58e4390c75c7ea7b04e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBdiuP6iva6SEYXZwNAT%2Fo0LhQvxYwe4qCMBlZF1FyolUgSTxMUnUzMiuMSNbkw6mpPdZO3z%2FSOu51C37m%2Bl5vf35CUq49HRGIz6AuOgc2EBSiHfgjhU%2FU0UADndyVmqM1C0tJ%2BLrskk7otm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a68d730d8-FRA

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 8815 115 KB
14 KB 45ms
44ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=d732031732cbe6f4eec8fca0374bebe8%2F15050855953402232539&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j353jxc9qrz19cf1s2ex4jywzkpzk5d1txg60d9wtrb4wjwarpkcstk0jfbma5k0bakh2m1yh1mt1k6dnabyey6c3g1pvfyfpeydt2t0vgdtp43k0ahx99jr7kzhkrn9d3qnwr7de9d1j5f0wh55m701492q8h8jeth3v4a67qhjtk008vjq7wn4c3qygb5034z82shekcxxq36mrn28sheqkbxkaxa08m1tmq0496zhq4z8bsj1mrv300436pd0dkmavt2nm5z8x8njqkdcyh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=d732031732cbe6f4eec8fca0374bebe8%2F15050855953402232539&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j353jxc9qrz19cf1s2ex4jywzkpzk5d1txg60d9wtrb4wjwarpkcstk0jfbma5k0bakh2m1yh1mt1k6dnabyey6c3g1pvfyfpeydt2t0vgdtp43k0ahx99jr7kzhkrn9d3qnwr7de9d1j5f0wh55m701492q8h8jeth3v4a67qhjtk008vjq7wn4c3qygb5034z82shekcxxq36mrn28sheqkbxkaxa08m1tmq0496zhq4z8bsj1mrv300436pd0dkmavt2nm5z8x8njqkdcyh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQbgViRxXa7PldlivTuGTvbloav8Mqgs8%2BKkZDIwUqOhDZGtgeN%2BFFhjXF1%2BUDcHEgfUszhCwrXHwImzeFnqYeEU%2F5JqjF5pNHrvPEeMg%2FbgKeggTiSVbw9RTDaOalQP3sVJn4gbYRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e90a68d030d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 8815 8 KB
8 KB 47ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=d732031732cbe6f4eec8fca0374bebe8%2F15050855953402232539&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j353jxc9qrz19cf1s2ex4jywzkpzk5d1txg60d9wtrb4wjwarpkcstk0jfbma5k0bakh2m1yh1mt1k6dnabyey6c3g1pvfyfpeydt2t0vgdtp43k0ahx99jr7kzhkrn9d3qnwr7de9d1j5f0wh55m701492q8h8jeth3v4a67qhjtk008vjq7wn4c3qygb5034z82shekcxxq36mrn28sheqkbxkaxa08m1tmq0496zhq4z8bsj1mrv300436pd0dkmavt2nm5z8x8njqkdcyh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 702234
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkXzoTbi1iUHda0sKxaV1oEjEytAGhzVYrwmfWxOhVmxPxeRbKOuhjqF4TaA6ddwDDP3V9SX0vORPjpBk7V6V9Cv%2BPNPIyfU4sho0Cc8Bx7bHPiWVK7PrFGylZy1f%2FX7Z2c57lQwQhOP%2Be9%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a68d230d8-FRA

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 8815 20 KB
21 KB 59ms
56ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=d732031732cbe6f4eec8fca0374bebe8%2F15050855953402232539&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j353jxc9qrz19cf1s2ex4jywzkpzk5d1txg60d9wtrb4wjwarpkcstk0jfbma5k0bakh2m1yh1mt1k6dnabyey6c3g1pvfyfpeydt2t0vgdtp43k0ahx99jr7kzhkrn9d3qnwr7de9d1j5f0wh55m701492q8h8jeth3v4a67qhjtk008vjq7wn4c3qygb5034z82shekcxxq36mrn28sheqkbxkaxa08m1tmq0496zhq4z8bsj1mrv300436pd0dkmavt2nm5z8x8njqkdcyh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 537479
cf-polished: qual=85, origFmt=jpeg, origSize=23329
alt-svc: h3=":443"; ma=86400
content-length: 20802
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: cloudflare
etag: "e320c43993ae8577c544483e96756c59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbQkF39DHfac%2FsN1VkZWEcQudEXmtMpRr7A05WoY7vU0M5F0%2FryCPFCJ0WBm%2FWhcR9mY3AYQeWquuMJOdLrAc3TTrsM%2BHoJ5cG47KlxO4ulfZcZSHWUz6GlF5QYhXLVoDRla%2Bsz2fQ8db4sB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a68d330d8-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 8815
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COisloPw54MDFeLyEQgdv7sFRQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2024011822252492476356373X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite...

49 B
1 KB

146ms
45ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2024011822252492476356373X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0&spid=2024011822252492476356373X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576&b=dE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=K1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=300&d=50&e=&g=d732031732cbe6f4eec8fca0374bebe8%2F15050855953402232539&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j353jxc9qrz19cf1s2ex4jywzkpzk5d1txg60d9wtrb4wjwarpkcstk0jfbma5k0bakh2m1yh1mt1k6dnabyey6c3g1pvfyfpeydt2t0vgdtp43k0ahx99jr7kzhkrn9d3qnwr7de9d1j5f0wh55m701492q8h8jeth3v4a67qhjtk008vjq7wn4c3qygb5034z82shekcxxq36mrn28sheqkbxkaxa08m1tmq0496zhq4z8bsj1mrv300436pd0dkmavt2nm5z8x8njqkdcyh6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3AQhQpepZeWdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0JhaGKntI5dxd7BZXGlZL0O9C3HOc7JjESywKmgWftaAzpJzP-Hn35jCzG8cH_tdqDJQRV0nFwNWdTfwgpVR2WPvaUSXTu6NPBng83BgIHPfHG92PQddGg61ILVNfH-7bXW61okQt1FVFUhY0bSEddHqe8NpnUhUk9G92i34hLXj8Qmm--KPrFE_4rQFE2l3Ygm0PGiwkoqaF91X_DPEbYpYVo88pFSsqMNXy3d6ACrRkQHgC7tzaV8H58OEY3CDtZewRlvu1-SImh56lsKIwIesI21zl4a8JpYFVLQJ2s4GiBWhWuUADgqA6di9tEPn295qaPGoshRHIbqKIDeNko7Y4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwidgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_178tbH9G9URzUp7AZay1k0biEWrw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 21:25:24 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2024011822252492476356373X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0&spid=2024011822252492476356373X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&wfid=120211&partnerid=12218
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 3819 115 KB
14 KB 83ms
83ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491&b=EjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5&f=ADYaYfqf7JdtAHRH4tMCMMGsRS4TRrAH3JMm&c=300&d=50&e=&g=f1811c35ca41d34fd65ae3a475b0e4e5%2F9585655961760570765&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h6aemsdhc4kk1s4jngmaf3wakmv8zv0jhczy80hd8egmcqzxjdd6s018fxx57a29swsk2fjzb4sp7pnabxzz77zdr8bqzfmvcvjwdxwfmcasc30arfqc0rqmv1c0xft6979x91y7pktcht9x3kyqmnmg0pnmg2qs6x5nf8a9xjmt8pjjqvkk0gn1kcaw4nmz8p0htrya5pqy6d7p6y0cykpzfme8871m06f8axhq4gwjr3nnvvhmkqsmb0jp0qe440ky656k3b0yfdvzw133vx3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19491&b=EjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5&f=ADYaYfqf7JdtAHRH4tMCMMGsRS4TRrAH3JMm&c=300&d=50&e=&g=f1811c35ca41d34fd65ae3a475b0e4e5%2F9585655961760570765&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h6aemsdhc4kk1s4jngmaf3wakmv8zv0jhczy80hd8egmcqzxjdd6s018fxx57a29swsk2fjzb4sp7pnabxzz77zdr8bqzfmvcvjwdxwfmcasc30arfqc0rqmv1c0xft6979x91y7pktcht9x3kyqmnmg0pnmg2qs6x5nf8a9xjmt8pjjqvkk0gn1kcaw4nmz8p0htrya5pqy6d7p6y0cykpzfme8871m06f8axhq4gwjr3nnvvhmkqsmb0jp0qe440ky656k3b0yfdvzw133vx3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvITKN8g7npUWFVCrrn187u%2FUQvdOO4lP2gGZAUqGc%2F0Bg%2Bna8IYAxvcr7FGimITpwmMTFEgbSVjsT9joyU0PB1LsyBcNF96k1zdVSN%2BkItFhrFLWkkkfC%2ByvEaffYIT84lDzWAauqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e90a68dc30d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 3819 4 KB
4 KB 84ms
84ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491&b=EjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5&f=ADYaYfqf7JdtAHRH4tMCMMGsRS4TRrAH3JMm&c=300&d=50&e=&g=f1811c35ca41d34fd65ae3a475b0e4e5%2F9585655961760570765&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h6aemsdhc4kk1s4jngmaf3wakmv8zv0jhczy80hd8egmcqzxjdd6s018fxx57a29swsk2fjzb4sp7pnabxzz77zdr8bqzfmvcvjwdxwfmcasc30arfqc0rqmv1c0xft6979x91y7pktcht9x3kyqmnmg0pnmg2qs6x5nf8a9xjmt8pjjqvkk0gn1kcaw4nmz8p0htrya5pqy6d7p6y0cykpzfme8871m06f8axhq4gwjr3nnvvhmkqsmb0jp0qe440ky656k3b0yfdvzw133vx3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf1f567fd0e29d5899e287541a1623601c1b33cea621dbe80eaefbbaea28ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 540689
cf-polished: origFmt=png, origSize=4006
alt-svc: h3=":443"; ma=86400
content-length: 3690
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 06:54:50 GMT
server: cloudflare
etag: "22de341e7cd2b7cc34bb6862e6295571"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BI%2BPBunx3nn05m%2BiHS%2B9fuCv0zYLcZnx%2BF56%2Fq%2BRVJAg2farLGLtwWcRsoBvgxSU9OU2xAu%2FtyBaqhxWJTrWUUaZreP49px%2FQNR1DzSKIP1Vk%2B2n%2FdcFnqAb1mJikAI71liOyQZtrd7Yd0k7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a68df30d8-FRA

GET
H3 200 51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
assets.ad4m.at/ Frame 3819 10 KB
11 KB 94ms
94ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491&b=EjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5&f=ADYaYfqf7JdtAHRH4tMCMMGsRS4TRrAH3JMm&c=300&d=50&e=&g=f1811c35ca41d34fd65ae3a475b0e4e5%2F9585655961760570765&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h6aemsdhc4kk1s4jngmaf3wakmv8zv0jhczy80hd8egmcqzxjdd6s018fxx57a29swsk2fjzb4sp7pnabxzz77zdr8bqzfmvcvjwdxwfmcasc30arfqc0rqmv1c0xft6979x91y7pktcht9x3kyqmnmg0pnmg2qs6x5nf8a9xjmt8pjjqvkk0gn1kcaw4nmz8p0htrya5pqy6d7p6y0cykpzfme8871m06f8axhq4gwjr3nnvvhmkqsmb0jp0qe440ky656k3b0yfdvzw133vx3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7508b103c9922511dfd5371763b291290112b7b1dbdfbbeafc0fe674e345d752

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541736
cf-polished: qual=85, origFmt=jpeg, origSize=13249
alt-svc: h3=":443"; ma=86400
content-length: 10410
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 11:38:35 GMT
server: cloudflare
etag: "ed180a32a9f1c239ac553e65570e6257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGx2D%2FcpDn63AifsVVR3xIwOX6LvHSm6oCjN531fLBBLGOnyqVXtT%2B0mcBgOfiAJqYsieC3flZZYoptgWh2hrzlDg8NNM%2FMLDfkiQ1g6p9EfMNFBUkEmuf6Yw3xQH6h3v1dOPlT0OhTT4%2B9q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a68e130d8-FRA

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 3819
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMKxloPw54MDFbs2VQgdqQsLTQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2024011822252492476356367X113752V1225131106MSviewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_N...

49 B
1 KB

117ms
42ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2024011822252492476356367X113752V1225131106MSviewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491&b=EjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5&f=ADYaYfqf7JdtAHRH4tMCMMGsRS4TRrAH3JMm&c=300&d=50&e=&g=f1811c35ca41d34fd65ae3a475b0e4e5%2F9585655961760570765&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124109&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h6aemsdhc4kk1s4jngmaf3wakmv8zv0jhczy80hd8egmcqzxjdd6s018fxx57a29swsk2fjzb4sp7pnabxzz77zdr8bqzfmvcvjwdxwfmcasc30arfqc0rqmv1c0xft6979x91y7pktcht9x3kyqmnmg0pnmg2qs6x5nf8a9xjmt8pjjqvkk0gn1kcaw4nmz8p0htrya5pqy6d7p6y0cykpzfme8871m06f8axhq4gwjr3nnvvhmkqsmb0jp0qe440ky656k3b0yfdvzw133vx3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChPcsQpepZeadKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0ETFi-D7ciiTFDJYeBCBditdVJ4a9sKhVtl9jwMfXkwI5DNsKWLd3Z1ocT5AG2UufrWAYt9mMud9y5pQXKkxx0c-HPLFoshxX2OmwVXNDAKna8hTgoCBdRyZj7wSLI0HzsS9Y5MY1R7ZcYRq4JEGLxHx4eCKsDjsniqSa09nhArmy0_t2fMRIIhARQK7DndYCDK2b6coX-P_jltr-70fXlGLZ3ktiNuyQBDK2PRsKjUeahB_JMgGsgKcslN7P42VfdMSC0fztYQKsLLXpKIwsZnOGTi96tKq82vwjPB2Po-7wV_NKhAnXSfi9olNlm_1A1QzYq2a7x0bjaXLq4iSTZbr4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiegbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0gYVPiK-bFPhR6od-6LJWulx-5lQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 21:25:24 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2024011822252492476356367X113752V1225131106MSviewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

POST
H3 200 rs Show response
ad4m.at/ Frame C1A1 1 KB
2 KB 48ms
48ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7593f23d5c06e008d1a30e09bba6a4b76e7fb5086976214fcebc483ae4caf54

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTe%2B6Glfi7KCfmb%2FiMQMbRZaC0aVZbWA6XlZHp2u0MXZ1l9%2FvBfgCT5tAvcTCnEBauWLg2laNK%2BKfdTgWAzKsEjGLzRkWTToY2o7P88OCqPvbINWawKN2yPhYkBRhZs7niQdQvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8479e90acc279193-FRA
x-backend-server: aa-reachservice-group-europe-west1-rvhs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 45ms
45ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8479e90a7bda9193-FRA
content-length: 24
content-type: text/plain
date: Thu, 18 Jan 2024 21:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bf6rE711V6RggcaBIlKsG6eSjwGFDBVf86bgj%2B6j19jBSFaTePYHy8M2qKdMFza4DafeCokoXaigv%2BDY7DS6OM5FSifd2Q1G2Pk4e9OQEI6HIdaOFMf0xRCL52B5eeMiN45PbB4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rvhs

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6571 115 KB
14 KB 85ms
84ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=199445&b=Rx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=QxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=300&d=50&e=&g=7b4ad5b854ff9ef9bb7978ced8ef2386%2F8179706762366311116&i=30890&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124123&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwgbhy018eewg53ten630360e4zn7cs19hb9rmxrqr5vfmdvqkhy6bn0gp7d9685etm8yza3a49bprebt9wxkwpwwadbms812dbwab72c3ejbm4qr98vn3gdxbdkcrns684gwwywth290qmbfkweqpq9jdh7y4m3nx3kq9a0b4s26rbdq6rc18jpdxcxgdahmtm2g53c9xxbfbfspg3m00ne69g3gf9dskgvtd2mgpefrffvyqhxemeghakwds27q4kscbh04e77b7zf9jrje3s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=199445&b=Rx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=QxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=300&d=50&e=&g=7b4ad5b854ff9ef9bb7978ced8ef2386%2F8179706762366311116&i=30890&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124123&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwgbhy018eewg53ten630360e4zn7cs19hb9rmxrqr5vfmdvqkhy6bn0gp7d9685etm8yza3a49bprebt9wxkwpwwadbms812dbwab72c3ejbm4qr98vn3gdxbdkcrns684gwwywth290qmbfkweqpq9jdh7y4m3nx3kq9a0b4s26rbdq6rc18jpdxcxgdahmtm2g53c9xxbfbfspg3m00ne69g3gf9dskgvtd2mgpefrffvyqhxemeghakwds27q4kscbh04e77b7zf9jrje3s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcdYGpOHtnQJ%2FOMtaMlDt83u9mXtiqWX7LD78G%2Be9Tu%2FsJkaVLe8skBjh%2F0KjSYiMoxbS27au56pEQq2ltCmNMowT6fPIyb%2BSCTO6N0zrRpKqA5xYpyvg4tY4EMK7oHcurQ80gPAljw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e90a78f130d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H3 200 410F9B8729DCCB6529D4265EDE0A8D14768C8A9944E520488DC77FE5BFF69557C6B7A7E11D1C112626794DFE8AD8E81809BE12539B53971F9EA7978EF8E85069
assets.ad4m.at/logo/ Frame 6571 4 KB
5 KB 86ms
85ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/410F9B8729DCCB6529D4265EDE0A8D14768C8A9944E520488DC77FE5BFF69557C6B7A7E11D1C112626794DFE8AD8E81809BE12539B53971F9EA7978EF8E85069
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=199445&b=Rx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=QxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=300&d=50&e=&g=7b4ad5b854ff9ef9bb7978ced8ef2386%2F8179706762366311116&i=30890&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124123&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwgbhy018eewg53ten630360e4zn7cs19hb9rmxrqr5vfmdvqkhy6bn0gp7d9685etm8yza3a49bprebt9wxkwpwwadbms812dbwab72c3ejbm4qr98vn3gdxbdkcrns684gwwywth290qmbfkweqpq9jdh7y4m3nx3kq9a0b4s26rbdq6rc18jpdxcxgdahmtm2g53c9xxbfbfspg3m00ne69g3gf9dskgvtd2mgpefrffvyqhxemeghakwds27q4kscbh04e77b7zf9jrje3s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d687403a888b690e8483af6169d3de1f0f052396edf8fc25078eae056e6180

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 535543
cf-polished: origFmt=png, origSize=5793
alt-svc: h3=":443"; ma=86400
content-length: 4226
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:45:22 GMT
server: cloudflare
etag: "5ee1925a9ba68dabc0123652922954de"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0HQa5XB6xlzwVVym9%2FE4f74%2BZJ9k2mEgugxGWCJVnT%2BI2Ehtp%2BGLu9LiCkTfMm%2FoZ2ISsZ3yDYvRHn9UE1l27ZUxKuF0Acm3DPMV1FLLxCxK3IWVycArBojv%2BYzyfOwL02wQisa3bU24WuI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a78f330d8-FRA

GET
H3 200 53F01CC3E9AA51F77B4A486F9C89312C6BE459B3CEDFEC07EDF759CC4D841F8B95329EBAE76CB77EFAEBFD0E1B9BBB671E23D12E8E30017A684429A77A34135C
assets.ad4m.at/ Frame 6571 31 KB
31 KB 87ms
86ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/53F01CC3E9AA51F77B4A486F9C89312C6BE459B3CEDFEC07EDF759CC4D841F8B95329EBAE76CB77EFAEBFD0E1B9BBB671E23D12E8E30017A684429A77A34135C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=199445&b=Rx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=QxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=300&d=50&e=&g=7b4ad5b854ff9ef9bb7978ced8ef2386%2F8179706762366311116&i=30890&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124123&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwgbhy018eewg53ten630360e4zn7cs19hb9rmxrqr5vfmdvqkhy6bn0gp7d9685etm8yza3a49bprebt9wxkwpwwadbms812dbwab72c3ejbm4qr98vn3gdxbdkcrns684gwwywth290qmbfkweqpq9jdh7y4m3nx3kq9a0b4s26rbdq6rc18jpdxcxgdahmtm2g53c9xxbfbfspg3m00ne69g3gf9dskgvtd2mgpefrffvyqhxemeghakwds27q4kscbh04e77b7zf9jrje3s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f50929d3405fe521ed603dc6bb8fae7967b1cc0c527d07f9e1f32cd1e54d35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4381017
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 31447
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 13:12:21 GMT
server: cloudflare
etag: "8e94f34854f878ed3f2dc00ced543e82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2s3hszTEDlGI0OXbcnUEAluqcUwWWTeZ5CU9uCBxG8JIvGP42AW%2Bx3HIr4Jz0qEptypnbMF%2FgYa%2BKgFLy4MWCFd%2BajnNFdLz%2FB2WA6GHAQTv6isW3G281wwN4ppXwmdBEe2FV6rzwBatHxH3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90a78f430d8-FRA

GET
H2

200

htlp
www.guenther.de/ Frame 6571
Redirect Chain

https://www.awin1.com/cshow.php?s=2527593&v=14063&q=365261&r=412871&pv=1&pref3=oneidRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.guenther.de/htlp?awc=14063_412871_1705613124_1781ff00-b648-11ee-86b5-22356fe9f584

0
481 B

293ms
225ms

Image
text/html

37.208.110.235
UVENSYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guenther.de/htlp?awc=14063_412871_1705613124_1781ff00-b648-11ee-86b5-22356fe9f584

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=199445&b=Rx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=QxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=300&d=50&e=&g=7b4ad5b854ff9ef9bb7978ced8ef2386%2F8179706762366311116&i=30890&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124123&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jwgbhy018eewg53ten630360e4zn7cs19hb9rmxrqr5vfmdvqkhy6bn0gp7d9685etm8yza3a49bprebt9wxkwpwwadbms812dbwab72c3ejbm4qr98vn3gdxbdkcrns684gwwywth290qmbfkweqpq9jdh7y4m3nx3kq9a0b4s26rbdq6rc18jpdxcxgdahmtm2g53c9xxbfbfspg3m00ne69g3gf9dskgvtd2mgpefrffvyqhxemeghakwds27q4kscbh04e77b7zf9jrje3s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTpZ8Q5epZbObE4zG7_UP9Kq4uAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0OkgxITHVZOI1453C2XKum5n-Q4SxwuH2zSO_5ruY-lT8D1wqSULVmBfMP1jmJTQo-MCB_gnXAFGNNI4iFKa4KTNP866Rh2yciNJeY_SQftNFLguL_c3vp35eILbhMvguRyNAIKiYE4u8Dqj3PiUynR6omSY8TaGlmXo66ysgjy_QewFSDLs_N7bFYRjlBbFBkfWjxhVBwy-VrwlgKCBmW6lA9jxELDTZJfjFgpEhiWHV7tloHUw3roDIXYWgN5t5EkbTtDY_1o-XrCsd3YTleNwKe2vVSRGMts0Q4XSyCUGlpDejkSLUtR9k8cV-jeOhxD7qbDQ2B0BYP8Jnjff4q_ZgF00p3my4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYn7DvgfDngwP6CwIIAYAMAeINEwjr3O-B8OeDAxUM47sIHXQVDlfQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3MnQzipmEEKofrvyluvTpnUjWdXQ%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Protocol

Server

37.208.110.235 , Germany, ASN58010 (UVENSYS, DE),

Reverse DNS

web01.g-direct.de

Software

nginx / pimcore

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
server: nginx
x-powered-by: pimcore
content-language: de
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private
x-pimcore-output-cache-disable-reason: Session in use
expires: Thu, 18 Jan 2024 21:25:24 GMT

Redirect headers

Date: Thu, 18 Jan 2024 21:25:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.guenther.de/htlp?awc=14063_412871_1705613124_1781ff00-b648-11ee-86b5-22356fe9f584
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 5E8C 115 KB
14 KB 74ms
72ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSLLAcbEGT7tpuaxHmK%2FQtR5cMsD4p3K1YwZrrfkwrfxq8rEbXmAbbemYD5vLs6uBcJNGEvAkki1XgWRFD2kPLHxqB0z6cLM%2FvJle%2BADQEsENi%2F7ylE%2F0QIjSyv6y4zoaRm8dVV3kvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e90aa91330d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H3 200 7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame 5E8C 7 KB
7 KB 83ms
81ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 537269
cf-polished: qual=85, origFmt=jpeg, origSize=20298
alt-svc: h3=":443"; ma=86400
content-length: 6740
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:49:29 GMT
server: cloudflare
etag: "dcdbfc63ef930c205a6c8ec70a6f5e71"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dP0fLiOMGg1xPr9Q0voa5SY3rRRULCgn11qQB9bLaDQu9HDxOqDuqbA8fAWKELQnA9nSwmxrvNdfxP6%2B7PQD20xiOECguaDgmqfbuvcAM9yBK%2F%2FMn%2BpSwK22C6DrsUCeVP251fFjOm3b%2Fq94"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90aa91430d8-FRA

GET
H3 200 EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame 5E8C 26 KB
27 KB 84ms
82ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3577719
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 26621
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:09:50 GMT
server: cloudflare
etag: "0a62ebe3b3faad549be8ad7d4386119f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuQNhC9pdSGg0Ap2tSC9zNHhjjzDEH%2F1GneaPWKgbbVrC67DFELSEv4MKPK3NLy%2F3vkpAYAcNLdy7ZXuXxfpuJb0g8v8zRX%2BZhrB2UnkGwvEay3p6ybfgL5iZCUdXupcLHEJgcp%2BJtJ7MPko"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90aa91630d8-FRA

GET
H2

200

/
pvx.freenet-mobilfunk.de/ Frame 5E8C
Redirect Chain

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51poneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1705613124_17835e90-b648-11ee-8694-226555b1c0ac

43 B
1 KB

103ms
39ms

Image
image/gif

2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1705613124_17835e90-b648-11ee-8694-226555b1c0ac

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 8479e90bc8a93a8c-FRA
x-xss-protection: 1; mode=block

Redirect headers

Date: Thu, 18 Jan 2024 21:25:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1705613124_17835e90-b648-11ee-8694-226555b1c0ac
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 79FC682F1964A9878E60B32706C7794D93D692CA8BFD59E3B082D848C1AEEE8C94EBD4285B7A9DB6401B80DA69AA3B610BDCA688C20A46BC7F7BB6E193F8BAC5
assets.ad4m.at/logo/ Frame 5E8C 40 KB
41 KB 88ms
84ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/79FC682F1964A9878E60B32706C7794D93D692CA8BFD59E3B082D848C1AEEE8C94EBD4285B7A9DB6401B80DA69AA3B610BDCA688C20A46BC7F7BB6E193F8BAC5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3222bfa95a46c6088aadf2d56df60205dc04d967114a8d3c0e530152bff291a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 536835
cf-polished: origFmt=png, origSize=64298
alt-svc: h3=":443"; ma=86400
content-length: 41368
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:49:16 GMT
server: cloudflare
etag: "022fde674f8244bd6ea8e277931701d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTPOMika3ssekVcyKNhyF1vALNMW5OkIwo%2FBYeQT80ZLkdUA2Nx3QYl8LeSZf5ARAgfBrXwcDNdWOMWHR2pDcWWz78wM4oSgnb5P8caPFrBJoZP1IOhu0N%2F%2BQ2md%2F456zWq6iGDp74GTfjG7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90aa91830d8-FRA

GET
H3 200 AA411373BF0C7F22839854CD988B15C5F40341A91B9FF5E43891BAA927BE7F66922DB3BBCB899C278DF5E0DDCD58C46383A7881875218F3A38735924199AF8CB
assets.ad4m.at/product_image/ Frame 5E8C 32 KB
32 KB 105ms
101ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AA411373BF0C7F22839854CD988B15C5F40341A91B9FF5E43891BAA927BE7F66922DB3BBCB899C278DF5E0DDCD58C46383A7881875218F3A38735924199AF8CB
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d458a5a8a0a9f0d5b5ac8020f47e4ede140c76b6237318b86a5c3afa38c9ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 540313
cf-polished: qual=85, origFmt=jpeg, origSize=33392
alt-svc: h3=":443"; ma=86400
content-length: 32534
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 12:16:59 GMT
server: cloudflare
etag: "72806258abbb9105087a5fa8e0fc1009"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7d923ydqY7NQlCGcd4LEdTOuB68Uao5s4ix%2BkJwhmPCPQm998Kz2BnMK2jjza1b4gFoxSW2IleucihoVJXSQr4UCsY%2FPyTps5gF5wp%2FPHyO0eQGhzMJp8CUB5%2FS0GtH%2BHEMe5cb%2BgVAjrC%2BA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90aa91a30d8-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5E8C 43 B
702 B 228ms
179ms Image
image/gif 23.199.221.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2283025&v=11746&q=349594&r=412871&pv=1&pref3=oneidYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6qoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.199.221.167 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-221-167.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 21:25:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 5E8C 8 KB
8 KB 109ms
105ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 536316
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FJa4ruzkfrbXMKVJdb5lgZSn%2Fi6GRwsUVgtGNNsC4KK1fu8%2BCdELvI7bv2Xw%2FYaUEUlFN4yZiuv%2F60gH18u%2BmZoNzQyOZ8Bvb4YgqrdbSe2BguyVhlHbkPv1bek2J%2BPcablG6ZIpyIgAC5k"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90aa91c30d8-FRA

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 5E8C 11 KB
12 KB 113ms
110ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 539110
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nCgfK6xWw%2FS1wRMfwBg4FP1%2BxjHzOquevZXEKDzLxhBT5Swrv7tYAhVcG6oNesdSSyifasyyOoavUwf5GJf0ojZo8GW5wBBGggsFq2E6qMxJTjgiGZrhwhDwkQbPt%2FC%2FL8Rll4L5I%2FmPq3Z"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90aa91e30d8-FRA

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9F12 2 KB
2 KB 160ms
77ms Script
text/html 18.132.128.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2r4sfshvyzq3aahmjfhapfg9tykw1xy13xe6v36bcp1tc37m79gf7fhv5wjfrpva55k061xp0fs0t9f3de43h6h1rgpmwvvp597ymjrvxb2hre76qjfdj88jt8k4dgp607dbe1wgspamayx5cf08w4r5phj403584g230g28w6by7tt4zbnv88jxmz6gwry9g94v96vym2vp9a6qk1fzz99bd6y5khqn4v5g5ptsykrcd4jnmpc7s07a45t3x05e498%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%252526client%25253Dca-pub-8737793389671535%252526adurl%25253D&clickref=oneidDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAzoneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneide7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrjoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.128.129 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-128-129.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 13573dbb7ddf1d67a79d4cfaa8ed8b0cf64a3ec293c07131fe467ac3cc2070c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
last-modified: Thu, 18 Jan 2024 21:25:24 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 18 Jan 2024 21:26:24 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame DA01 3 KB
3 KB 54ms
54ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=9bebf31ccf8e26ddff68d7a51cc1fd13%2F13672119027642775347&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124273&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5prascqfywdpt0z48wb5frb6gfk04f4yr821nyb04jdrcjse6k24xa3v4kt6k0jcmkhdn2gd4jvb2y93s6q3q1s8wna9fyere8c9vtgnmfj33s99by27rh0949x4cp8hnhag1cpp5aan8xzdeyyeps3m8ktcb8h44xy4vt1r71hkesf9s1x5h3kh2r40tgfcta40npv0r36dq3fbw1bbv43qnt1t0v0xx5dr9xpda4c50wwtxr3x8ekwtm2e0e0df9bryjnf1wmfsqvav4e625%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%2526num%253D1%2526sig%253DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

082fb646931996346c1cf52c2aaf259e7de1812a11d706b2adc16469e0dc3413

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hdjme2qwrk1y1j85brqw0kneghnv8g6tq3d8x01d1cgaj8qkbjvf6cs4z7f3sk4jy9h58qmm10xnd1ja2jn3y8sst4jqa7smdqgsh4vj36fhpaqhree0h2tr7jjkq1deb63tx15qdx5wnvnd98rr3rebn54yn7cqfrpstr4tzgm9b810wx9bpjvbam7861832xd2hbd9rvmwnvmy86aqnfdhtfk6njzmq68y11vrzqfy58gks6r3c7tekv6z2a9rx2e7nedyjae0afbyt81c01qa9ryvvvazfy2atff9k2b0k897z0ddb2q5cdbfpge369cj079b1bgjs9m6v1r7r8x7tvjrx1sdpsdrhpxakwe0e4vg491sh0hezs53zjjsyt3t3bn2vhxncscej2nb5y1zy33ncwqsvvsr459t867a989wq3z3w817n6nqjh8ab3mc0v6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%26num%3D1%26sig%3DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%26client%3Dca-pub-8737793389671535%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8479e90b198e30d8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 21:25:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 link.html Show response
track.webgains.com/ Frame 5E8C 2 KB
2 KB 69ms
60ms Script
text/html 18.132.128.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kj72hqg90jdq0ykdyzdf2cjt0ya4w8a35bt2nvjnpr2hd8fj79h0801mznyrrrsaw7cazsyc36jdbhbzktg8vw9kyqd0yryagfv7mgb2b1351khrfbr9mptj5a7desathqh6y9zkwc18h2ck290n1yx14b3xb4fxsd15qcc78tay34c5q03fw6q3tj3tavhatqrqww4gawebj5re7887jj2hkh03hk5qr2a9mpwm49dq41y9wbjd8dkn78wctwwhn9g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%252526client%25253Dca-pub-8737793389671535%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.128.129 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-128-129.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 87cecba5a042d5cbdadc113c4d8401dd30cb8d6dbc3e5f8140d68f7e6a859864

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
last-modified: Thu, 18 Jan 2024 21:25:24 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 18 Jan 2024 21:26:24 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame DA01 115 KB
14 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=9bebf31ccf8e26ddff68d7a51cc1fd13%2F13672119027642775347&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124273&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5prascqfywdpt0z48wb5frb6gfk04f4yr821nyb04jdrcjse6k24xa3v4kt6k0jcmkhdn2gd4jvb2y93s6q3q1s8wna9fyere8c9vtgnmfj33s99by27rh0949x4cp8hnhag1cpp5aan8xzdeyyeps3m8ktcb8h44xy4vt1r71hkesf9s1x5h3kh2r40tgfcta40npv0r36dq3fbw1bbv43qnt1t0v0xx5dr9xpda4c50wwtxr3x8ekwtm2e0e0df9bryjnf1wmfsqvav4e625%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%2526num%253D1%2526sig%253DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=9bebf31ccf8e26ddff68d7a51cc1fd13%2F13672119027642775347&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124273&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5prascqfywdpt0z48wb5frb6gfk04f4yr821nyb04jdrcjse6k24xa3v4kt6k0jcmkhdn2gd4jvb2y93s6q3q1s8wna9fyere8c9vtgnmfj33s99by27rh0949x4cp8hnhag1cpp5aan8xzdeyyeps3m8ktcb8h44xy4vt1r71hkesf9s1x5h3kh2r40tgfcta40npv0r36dq3fbw1bbv43qnt1t0v0xx5dr9xpda4c50wwtxr3x8ekwtm2e0e0df9bryjnf1wmfsqvav4e625%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%2526num%253D1%2526sig%253DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500448
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bV8r9JXCGQRMrlCaj57oO8L88d%2BPi98WvCECxPrXdZ0CiUKDAgVlHJ6wm%2BRP3SCa%2FuTAVLWY%2FM%2BSmf35leGDV2JHSQAn6bP1zYcawOykOEAvAqZNrbdEH9Cz6Rpw0SHP%2B%2BgzdliRpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8479e90b69db30d8-FRA
expires: Fri, 19 Jan 2024 21:25:24 GMT

GET
H3 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame DA01 6 KB
6 KB 34ms
33ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=9bebf31ccf8e26ddff68d7a51cc1fd13%2F13672119027642775347&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124273&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5prascqfywdpt0z48wb5frb6gfk04f4yr821nyb04jdrcjse6k24xa3v4kt6k0jcmkhdn2gd4jvb2y93s6q3q1s8wna9fyere8c9vtgnmfj33s99by27rh0949x4cp8hnhag1cpp5aan8xzdeyyeps3m8ktcb8h44xy4vt1r71hkesf9s1x5h3kh2r40tgfcta40npv0r36dq3fbw1bbv43qnt1t0v0xx5dr9xpda4c50wwtxr3x8ekwtm2e0e0df9bryjnf1wmfsqvav4e625%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%2526num%253D1%2526sig%253DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 533616
cf-polished: origFmt=png, origSize=12441
alt-svc: h3=":443"; ma=86400
content-length: 5676
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:47:18 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NafGVC62rwnsTs3hpsL7iVh2xPecHi%2BSr7jHQJOIsfqq4xOHfEEm8hNdHB78TVB13EGfuOLDS2XAAt2CGW9a2%2FdmDjhZsfz8GDqHCB1WZ3Kaqk7kzDqCnSbq8M6B9p3zDV%2FPy4bHwSftQJ0K"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90b69dd30d8-FRA

GET
H3 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame DA01 35 KB
36 KB 35ms
34ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=9bebf31ccf8e26ddff68d7a51cc1fd13%2F13672119027642775347&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124273&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5prascqfywdpt0z48wb5frb6gfk04f4yr821nyb04jdrcjse6k24xa3v4kt6k0jcmkhdn2gd4jvb2y93s6q3q1s8wna9fyere8c9vtgnmfj33s99by27rh0949x4cp8hnhag1cpp5aan8xzdeyyeps3m8ktcb8h44xy4vt1r71hkesf9s1x5h3kh2r40tgfcta40npv0r36dq3fbw1bbv43qnt1t0v0xx5dr9xpda4c50wwtxr3x8ekwtm2e0e0df9bryjnf1wmfsqvav4e625%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%2526num%253D1%2526sig%253DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701056
cf-polished: qual=85, origFmt=jpeg, origSize=36074
alt-svc: h3=":443"; ma=86400
content-length: 36044
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 06:27:23 GMT
server: cloudflare
etag: "7850b9052be937f41ce82bc92c12f968"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLmlKBXeUuTmneceoS8TFBdvu1LRMFOj0cLp4PIblS6v18rAezmyE8lTwDjJd7GIaz1Aqe%2FSFxDFl7pAOC3S6VjDBKOBoIWlJAd21nmMPl46TXAM6%2Fsym2T%2B%2BiHET8oPUfKdV4FqxRwgQiJn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8479e90b69de30d8-FRA

GET
H2 200 view
t.adcell.com/p/ Frame DA01 42 B
458 B 48ms
48ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=765&b=7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j&f=EjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5&c=320&d=50&e=&g=9bebf31ccf8e26ddff68d7a51cc1fd13%2F13672119027642775347&i=1676&j=4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124273&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5prascqfywdpt0z48wb5frb6gfk04f4yr821nyb04jdrcjse6k24xa3v4kt6k0jcmkhdn2gd4jvb2y93s6q3q1s8wna9fyere8c9vtgnmfj33s99by27rh0949x4cp8hnhag1cpp5aan8xzdeyyeps3m8ktcb8h44xy4vt1r71hkesf9s1x5h3kh2r40tgfcta40npv0r36dq3fbw1bbv43qnt1t0v0xx5dr9xpda4c50wwtxr3x8ekwtm2e0e0df9bryjnf1wmfsqvav4e625%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCohtDQ5epZeihH8_89u8P472V8AeQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEiQJP0G-PNPT9Fjth6QpbvKN1FDJz39Zp6JKsZMCWIo4SXnv02uFS---wKG7-WXfB9z3CPaF7SxjuJwUV1LFTEamg3_uy7PWbzdZy8VNkwxc99dkuySH3e-wtg0YxU7VlL2UiVonkpl_EULtaHYnnOV1ZSOhl8vXHMJmA2OrUaiIsZX7bcciB-SAvKvE6erHLsrP43phz16ih-ofYBn7M-C1JP3J43NPcwTvmN8y_1y_OadOSCMnY2eLQ4_Qk_w7Ym7qcTSgKxhKBKLTwpbxpF7gGsuCumJ-x5t0hRGXFN8fTEMDUPQrJpDb59d3lYvRuuNBl21B1j0Yfb4gK3yR_71XzD3rDwvicVs0Y4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYqvnvgfDngwP6CwIIAYAMAeINEwj-wPCB8OeDAxVPvv0HHeNeBX7QFQGAFwE%2526num%253D1%2526sig%253DAOD64_12Y0Xy455BLkZuiWwmasQGap0LiA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
strict-transport-security: max-age=15768000
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 5E8C 54 KB
19 KB 127ms
34ms Script
application/javascript 108.157.4.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kj72hqg90jdq0ykdyzdf2cjt0ya4w8a35bt2nvjnpr2hd8fj79h0801mznyrrrsaw7cazsyc36jdbhbzktg8vw9kyqd0yryagfv7mgb2b1351khrfbr9mptj5a7desathqh6y9zkwc18h2ck290n1yx14b3xb4fxsd15qcc78tay34c5q03fw6q3tj3tavhatqrqww4gawebj5re7887jj2hkh03hk5qr2a9mpwm49dq41y9wbjd8dkn78wctwwhn9g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%252526client%25253Dca-pub-8737793389671535%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-61.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:24:12 GMT
content-encoding: gzip
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 18073
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: hpRNAvi6w3pD1jf21yY1d9B1cBhJz2D4Suf_1dWJRdTikrFuqgclEQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 5E8C 15 KB
15 KB 98ms
28ms Image
image/png 18.239.50.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1705613424&Signature=Ddruuc9QYdpG3Rrg-stFaa-77K7XCd-pex2zIomr7vR77n-XmBO4myv4X3KBvR063BmuwSj6XfbngfSPLCZ4cXHAKjqCkfoGIDubtpL2g6cg1oU5pTUYANnoLcJR5Q70gbAlNDJJ5RAUtMJfbNTVe6kDU3rhBnjUwc~BO2AzrckGTtr1SqONCR28UM7AHyKRz5KCiFygt4agNb3V~N7Ig3GNbgPEDzia3NG~K4lcpA9dDAiyUi59pSAkdUfsOAne1ZZ1jeMhNrhjZHzdo5BhybYT-fmeExIR-Tq7hOxn5gkyvsYY084EG-TYMNF0GYKcgjXrOF0wBRLOuotDYfgQkQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C685%2C197862&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=250&e=&g=9386754a2ee639bbd1c939ab1bfc040f%2F4994517816740415661&i=25052%2C17908%2C71725&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124126&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsy38rndxpbqy3a14gtsyamggmz9fz74tzagwfzx6660xcsr2cr8kg5p9t0nzctvzfdc9pkkaahgck540krg15mahb1r38mdb6v296pb568a493bxzsnbh4j860fm0jf5t00hfc58n58ehc69n9n36zadpwbva1j93mgpnr9rtc8jmf4q7wpededw41yty2kydadmdqygv4jmyscfeypgyabmwg9zv64natxevfajdjeknxqqdnfev5c7r21gh7d9770ndqcjr9p4ss8x5qeceq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4HAoQpepZeedKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgwJP0EQZSy_YxyYeWJe0FvzAOgF9DCM-wvvMcIByxHSDvj57eYTD4yANOmWaZ7CjNBvrdCegGDx910UNaA2OgLtvj8bPhgQsa7qZHYh-7UFjOclPSV162U_3WXDd72JYIU96QVooo35aOoY0yYkSz7DHYrmwrvx6uA02_xbalcflZx29ydNrtNsPgBEiT4Qre0R1JBUC-kXhDWcP0zG_FFx2v97wpWyPC6eGNj26KYVLxkrJFGrUr2jetGmXcofo4-bUVJWxJNNp3DL22jp_9vZ7pRw23y9k9yi4RPsaU8F7GFFoo37POcrwhHKN520scucETRTkXGCDmzgQ77ED_4FbF7i-4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwifgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Voj4mfJ1FTjTsOig2RUYFg9HoZw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-21.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 18 Jan 2024 11:44:07 GMT
via: 1.1 702b555619c53ec5f8f56dfeed61c334.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 34878
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: _Fjj9wS9BaL27NkDV_4xH4-OamVz739gsGpvE_z6UWXP6OOZilRxfg==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9F12 54 KB
19 KB 106ms
30ms Script
application/javascript 108.157.4.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2r4sfshvyzq3aahmjfhapfg9tykw1xy13xe6v36bcp1tc37m79gf7fhv5wjfrpva55k061xp0fs0t9f3de43h6h1rgpmwvvp597ymjrvxb2hre76qjfdj88jt8k4dgp607dbe1wgspamayx5cf08w4r5phj403584g230g28w6by7tt4zbnv88jxmz6gwry9g94v96vym2vp9a6qk1fzz99bd6y5khqn4v5g5ptsykrcd4jnmpc7s07a45t3x05e498%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%252526client%25253Dca-pub-8737793389671535%252526adurl%25253D&clickref=oneidDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAzoneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneide7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrjoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-61.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:24:12 GMT
content-encoding: gzip
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 18073
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: uwgeFodKsJyHhRMV392kOwuQJgzHY9vI9InHtc9sizCzpG_hrzq4Cw==

GET
H2 200 1692282615_nrkxmt2VWiWvZTgzkEX59Uj0oUlxtD2O.png
cdn.track.production.webgains.team/265645/ Frame 9F12 4 KB
4 KB 83ms
29ms Image
image/png 18.239.50.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/265645/1692282615_nrkxmt2VWiWvZTgzkEX59Uj0oUlxtD2O.png?Expires=1705613424&Signature=EcQkyt7kyUiICIe8UR-X6iC1ARI5Lp1MWECoawQ~QJPYQDaU29YNFz8KK6HgmVZ4F0Q99NFKV7SU6V8BkhTwjt3e~YHpWKmB4cqu~PW0EYi1KU~hnmzzpf1rDE8xyenKrnWIyB4xwHGctVGf9fERkdlK9NGFg24O689J0Hir~w9YP3BE~8QhyTsDhywEkLBOtVtrE930j0zTpUTSY2WYEUOI4qDajR5hSYTWCm-Tf29INGEjCuix~PGS80D3qaeS1g4J6jLAHuvdEEc9YZUH84XeU-pR3SHXYYgGwacaauYliy4cisAjj~gqQ8Va2qN~UCU~0lzY4HwBP0L-oQa9XQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C196439%2C183975&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A%2CJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p%2CGjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz&c=300&d=250&e=&g=d4385695d55eaa2d0e068eeee766ae09%2F15788385245188353517&i=21630%2C25174%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb9kbepzfvrx502kdp61etz6tpvvhrbp9pn7zw7kf1cyzkhe32dc37bz27p9jzbfejkqn4gvhyxn24taffjfr08c6jq9wadzhwfpks2h53fyprpmtnc73vxm22tz0n7a91cggtjxzk8c0w31zkkbn4gr4pn6scs5t7r8pvjnys393g7ep2vz7vhan2ws0gk8g73kxtta0yg8f4y5m2psxtdrpshjn1j15m3qthwxs6b9d28ewftx2yw1gn4cssw5v7yqnr99hbftwz0tsbscfbe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNNT0QpepZeOdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhAJP0MwmwCg5YxAqi76R6vO-0wsn070VASjPs9c2OiFixa5HPA8Xs_2cOeog2ZfIRA948PGaJPhymlUdINExB7iuKMK_Y92kcHFIYod5hfSX4m2CSkrdThoktXTdQWyPCw_pTe2MlY4b_qUBVyUCP4Wmch4jg65jFQZmEx5WYxVM9VC6DeVfushzEVvQ-1Jz-Nc6m5JZa3HUOjBcaCmqG-sEUcW7ORfj37GfFA4lgCGr0Y7GTemDey7pckoFZn44qD0AyszTyfc6Vz0miE4SvaBbk1x3A_JuKky9OJQNvkBqq4Uhw8qghSn1CbL8UGMwkUUxi5ZlW4z9I7fkx-I-LpZAJAsTKuAEAYAG_JOsh_LJp4IroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WJSgsoLw54MD-gsCCAGADAHiDRMIm4GzgvDngwMV0Jz9Bx2YiwpT0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0ZmvmF0SkpxWZukQSu8WKxJoJ3sw%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-21.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9341de86e937a45a93d5120d0a9d94cdfdbfcbd2e4da2a1c529fdc69d6b4d2e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 18 Jan 2024 07:25:28 GMT
via: 1.1 702b555619c53ec5f8f56dfeed61c334.cloudfront.net (CloudFront)
last-modified: Thu, 17 Aug 2023 14:30:16 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 50397
x-amz-server-side-encryption: AES256
etag: "47f1e003b9b074a403e5469f531658f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3904
x-amz-cf-id: Balsx3g9BUHJYUV75UMCjqJUP-daWsYhkrFTRoVybJDNVPJL3UAf3Q==

GET
H2 200 postview Show response
www.eprimo.de/ Frame 48AC 334 B
462 B 74ms
23ms Document
text/html 3.73.69.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eprimo.de/postview?hp=8000001991&pvid=65a99744141e30d18afb40f5&gdpr=0&gdpr_consent=&gdpr_pd=0

Requested by

Host: netzwerk.uppr.de
URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneid13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7droneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.73.69.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-69-41.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4803fb9ad425e3d59451441ac6a7c901a4392f78f7732f07aa2a5292503460bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 18 Jan 2024 21:25:24 GMT
etag: W/"65a4fd24-14e"
last-modified: Mon, 15 Jan 2024 09:38:44 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 88x31.png
ht.uppr.de/campaign_118_eprimo/20210714_Logos/ Frame 7847 4 KB
4 KB 72ms
21ms Image
image/png 54.37.204.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ht.uppr.de/campaign_118_eprimo/20210714_Logos/88x31.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=320&d=50&e=&g=ca6cf9288b5ffa853a40754ddc07265b%2F17633747351325930973&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705613124072&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hr2scez6rxe1adtasmt78cdtybmnj45cad7je9jxcxq9x2az4cm2b0ftwweec05j9banxtbrssvw4j1bk8t98ex83qw11hkxv8mycgfv9c26rcxexg7khj73274rn5fq330mpyt4q45qm9fda9t1h0trk99d7534ynq4fc94y3r58d935kaxmcxebbq6gpcjxjpgb5wfnrz82b8gfrjbm6w1k7jy1sthmr7e2dn2hep1tydqgkk6c5sfgveth9w4hsxqkw2akkdj7kksc3bg7jv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm0PWQpepZeGdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEjAJP0EvPm_--F40JGJsXkGL709w-3Xb-hK9O0aQlWNW8eXKrS9niy86RMKIKVQNRDXkD1A1YVfmNcM3lD-KNIA9kIAoglKNPVJGH0h7vLcdeQjjwHAyd4b4N72NXS049xNP_7ljfI_glR5Cb6K837op1zPidyHMJ31GTKLBcU0K6gLyMTEpTdicrZfztCco4kCoBZ11vH7aeidML0FfBSVYelhoPi34Za9IRw_eWyMQ68jiQOn1IfEr0z4bQn8s12N0MmcbWGTDwWhDKdMYws5Ej1xJ01NWkgbVxc1MkSNEqPib9e4P3lA2mUErQGzXPKz3xVf_68srB3EXX2p-A9RWziFVYDHESVjdo-RQ34AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwP6CwIIAYAMAeINEwiZgbOC8OeDAxXQnP0HHZiLClPQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VhP59kPk0szm7BFx6c0fKMWvzLA%2526client%253Dca-pub-8737793389671535%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.37.204.178 , France, ASN16276 (OVH, FR),
Reverse DNS: 178.ip-54-37-204.eu
Software: nginx/1.24.0 /
Resource Hash: b5cbed9147f88e081848cdd63a0791004ad19c85d075033508db726df783c558

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
last-modified: Wed, 14 Jul 2021 10:35:04 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "60eebdd8-116b"
content-length: 4459
content-type: image/png

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 37B3 42 B
64 B 58ms
58ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOxFl5C3dmTT41cnzJFf23wE5XByjmF2uHpE6luPbmNQ3TOHPvVqkJL5iA2ERgd1bslq7JbdLSg538rIsTExU6A3Qcp0waIcTzcY2TF3hV_4J3ovo7gPMpk3Mt68sSnCnljBWtdTUrrKt2vQBNYpqshhcO&sai=AMfl-YSU6dSZcNl9oZjUvim6iavFJtYT8w7EYtCGLja4VsRO9BrTU9GkvahGosDlFjMtCgpTCk2FSD2PSTPlJT6qvO7aXy_SZjTO8tAU1mW4eW5xxjvf4RryAZH1r2mC&sig=Cg0ArKJSzCUSYXAm1v0YEAE&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&id=ampim&o=650,261&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=62&tls=1062&g=100&h=100&tt=1062&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forexone.alghtas.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookieFork.js Show response
www.eprimo.de/postview/ Frame 48AC 9 KB
3 KB 23ms
23ms Script
application/javascript 3.73.69.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eprimo.de/postview/cookieFork.js

Requested by

Host: www.eprimo.de
URL: https://www.eprimo.de/postview?hp=8000001991&pvid=65a99744141e30d18afb40f5&gdpr=0&gdpr_consent=&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.73.69.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-69-41.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

48c851642ddc61a2093c2445e17251c1b7465d979185267312ddc5b496828813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eprimo.de/postview?hp=8000001991&pvid=65a99744141e30d18afb40f5&gdpr=0&gdpr_consent=&gdpr_pd=0
Origin: https://www.eprimo.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:25:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 15 Jan 2024 09:38:44 GMT
server: nginx
content-encoding: gzip
etag: W/"65a4fd24-24ea"
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 17CA 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuEnmBbS0oYdxV57SGGlkESEgULM8HaPrpb6jwu5sdL7vVceTJsbxWrXF9FkLO13U5G1fUt08PUSkA2JEn4axp5GoYIIsN5lmuBqjjxyvzUxrTsUA29A&sig=Cg0ArKJSzCPtQbB_auv4EAE&id=lidar2&mcvt=1000&p=0,640,50,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=952610916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705613123423&rpt=237&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBBD 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAZ377Y1SwHHj690EryM_3wv_IvqA0tZm9yTxzxJBO1JFpeTf9C5LJCa35QXpYWoaIFmhp7rdmt_P8EQg2_H4NPkCIvJV96DGMSXDpNse58G9J4M6DsQ&sig=Cg0ArKJSzL6daT_uww39EAE&id=lidar2&mcvt=1000&p=1150,640,1200,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=528138116&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705613123426&rpt=284&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B111 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjZBYJxzhbWI_UjnaEBa9MyHmKJ8Or9QGpBpL2tDy2Yqv6lefBFix9DtEzKidpxY2G5al8HnZJqYZMDswwTzi7gyvBxRbp2Q0TYSfvarilUPt-TdqxhQ&sig=Cg0ArKJSzKfcBEAh3tRFEAE&id=lidar2&mcvt=1000&p=80,1280,130,1580&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=798339477&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705613123429&rpt=371&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EAA6 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJmOtj_Vi9P0AqvQQ0nG81Ex1L8-ntU6I1yrxkmaA4gIjC8oXM0Uqijbph3lK8qCFSbvEEjvprpcWXHxre5NN6mLQV1VQ8xirBg179YEIzRrPI7JChlA&sig=Cg0ArKJSzNQVl_7VeoD0EAE&id=lidar2&mcvt=1001&p=804,41,1054,341&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2989853341&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705613123444&rpt=371&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 31B4 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2rLHigJhS4eJjM9l37huv1Ep43syv5bH9KyrNaLAE87_mMLX8SJPmHRqYpGc9liwubbBk8SUnfzaDKwwxoI11PfbZqMydWf98HeP2WBoKErq1awJFOw&sig=Cg0ArKJSzJGRNVdUqm2UEAE&id=lidar2&mcvt=1000&p=139,650,189,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4176891793&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705613123452&rpt=430&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1959 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxid6CAOteiPCKBTElzonE4x_wuvzabzCB5xciNKhLlUqGWF-12YkVUGMvscqJ3vM2LYcxaWStxhlmiZcCSDrNrolkHiR6HRMvH3VLii-uaqIm_7VUag&sig=Cg0ArKJSzOm2psHeNUzJEAE&id=lidar2&mcvt=1002&p=586,650,836,950&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3309457587&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705613123460&rpt=434&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 87BE 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaDl0vVWFFeAwvc2aREMbGwWba2yRJs6p_EsrWtwhlGXLd7hlL3oUK-vqeZPCuwUe7jA72wFQgh0Jj1IAR_LLNXfYkPhEaGxyVMW4U-20B5jNklqwsgQ&sig=Cg0ArKJSzJ1oMVUhuvOQEAE&id=lidar2&mcvt=1003&p=411,650,461,950&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4165396585&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705613123456&rpt=453&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 21:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9F12 16 B
209 B 73ms
73ms Fetch
application/json 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-214-132.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:25 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 130ms
37ms Preflight 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:25 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 5E8C 16 B
209 B 98ms
97ms Fetch
application/json 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-214-132.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 21:25:25 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 124ms
36ms Preflight 18.134.214.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 18 Jan 2024 21:25:25 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRuQGq2v3dYUR_6kTT7R4lJ6upWSpERWE6G6n65YyiLeOEqCflVO8yMh5oIW779AfoOUNFPLkPuFyh_N1Z7n-ut_mBGa9s9

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENxJXqfCSbRAUB--9lWnqH0&google_hm=ZamXQ8kTC2CPqI4ALfC4TQAAFEYAAAAB&google_nid=index&google_push=AXcoOmT1xXwoYTJswCE2k4db46tgSZMOPB9K8Vu3GmDb8PeQMxUyEKLo637QkZ8CG81AEg6EOicRvCg7NltGaPHHinIY9OmHAzJB

Domain: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css

Domain: assets.ad4m.at
URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111

Domain: assets.ad4m.at
URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgE-cQpepZb71Mb3F7_UPydaGuAuQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEgAJP0ALvUIyq_GFmBBUL_R6YKjEvnQleVbPxQBlopM8NwfnKXn8NCQxSotij4RdF728Atmek4KQ1OwGzePAhkFFZHG38NeK6Kr68QqvGqt71v9dwULTOLruHW7wT2za76vT778vytbQ0gL2Ys8DBbc-Fq4eyJIiK_2UHXC1uVeDmYnCJnOcGSLfqSOfRF-YsN241XNswuewL_TpO_5rxSrEspxovqcnVlFy5O49Feisjs9B-Gaw0ANO0Aexw-IaaV2qT5eaUwxoJQcwl9K3e-ov5TWgbE28epfs2RmSv40B4aRbCiMuQmsryCNVov8ecuD0tyQ-Kf7cqZyF_9oqtax244AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYyezugfDngwOACgP6CwIIAYAMAeINEwiknu-B8OeDAxW94rsIHUmrAbfQFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=lWKe58iI4oo&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_C7wYq3Zq-lRK6e_ZAe8g_EvBa6hRfO4Kf_NQnK-2v2o5efSoQvuo9WJhU4TK60QGedP_I5RPGAE&cbvp=2&vis=1

Domain: prod-rtb.ad4mat.net
URL: https://prod-rtb.ad4mat.net/winResponse?a=1h7e63y2x5gbj6mhb865ahw9w0f7vt472va8tw8yqfxh755m2vw2hznez9tyx13nsepqvmr7024b1r5nryxve9gtx3e6xsyv4zsw6abfkw3fv4wnpv9g8p73sfdhs5bpmpnr6h2xq21ehh1faxq54ht0r9frpj7hg39m6pgapgttmmqaexn9hnzgmh856eyaq5nzep78v0d454q9qv5nbjt0ve9jqa3c21vbmf1k434q8vatxp5yw8mekbpytpd0d4nyx0mad715t1cns08ksqrgxzzz4r7tdtjz7jbmmx9qbnh5kbhjqp988wrk2tmy95thvdjwt1rqmy9zxg308nep3j8rp46n87z8dptahkyy4t1eadwxzf152ce4exnnszgdt3v29bp6xvg&b=ZamXQgAMer4Iu-K9AAGrSbOx_fRTb4t5Wzo0JQ&cbvp=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgTPRzLITZBvdIh_5C-TUUoQzjxM87VnkhoJMc9n4bOtXZy91GvAhHJZHXU_kFDCkFvqA3pznZLMYEWtCc7IrXnG0Oyb4cuROJ7cdDzr-7zBuTpzXfXg&sig=Cg0ArKJSzO1OMMJe0XEcEAE&id=lidartos&mcvt=246&p=139,640,189,960&mtos=246,246,246,246,246&tos=246,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4176891793&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1705613122846&rpt=335&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIj0QiMuHW1At-XN7-xrwPBcKAHJfdMVl-qvXnbvbwTI9TIhmQomdzh7T7pdFUMSl5atGt6X450LzKfO9ql8tzkIK8tR2Vh2yWuPr2Hb3Mowxi5UG1pA&sig=Cg0ArKJSzM8iM5vzZnijEAE&id=lidartos&mcvt=57&p=411,650,461,950&mtos=57,57,57,57,57&tos=57,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4165396585&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1705613123103&rpt=272&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
URL: https://e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnluVTVvQ1AxUnF6VDU1&google_gid=CAESEM7cFoSR8rL1deY98CQamKA&google_cver=1&google_push=AXcoOmTiWfb6HdOGOvneS4D6GNw0VVAzDQwFdULpajcINtV1Uq3cfRZ6N9hBzcDIBpwUlqb5UfnS4rIsW_I0M0b6DGS6zji2jE0

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEDOdZ5X2RKdgbP26YVSHzHQ&google_cver=1&google_push=AXcoOmRHb1wie2aFpkR7_yvxwAj60u7zyjHeQ2icHATS9jtetWoRWJXn8FH1xaQj1cryArUar283rU6u31Ae13hw5PWE_nR843A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRHb1wie2aFpkR7_yvxwAj60u7zyjHeQ2icHATS9jtetWoRWJXn8FH1xaQj1cryArUar283rU6u31Ae13hw5PWE_nR843A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cn0iUQpepZemdKdC59u8PmJeqmAWQ4YGEXLaoworwAsCNtwEQASAAYJXKhoKYB4IBF2NhLXB1Yi04NzM3NzkzMzg5NjcxNTM1yAEJqQJ_jGMqIjiyPuACAKgDAcgDAqoEhgJP0ILqF87FdOOwwc69UoYwi65WIrwMt9Ev5dBLeK149nf7xaqemVLoSZNnuyWyKK5VEyH8-I9wFMaU62ApUnrVyz1ENo7QqSLuu0pn7rarSKmMTsdaokQK670W92Qb_g7NvAR-HLFFkOCvBChey65h50s7nKwaW4vffnxczSywO3B1XzoWp_GKpGAiv9kW7CooZaT4EQ8QrrAs6s0Ef0w-Bl7iCEEEocA81t5BaCTH8gzGsmIQ6CMoCRVmJzbYyjJfuTaoDDnvqZi0mpLOtuCp9J8CPkWEGuoD13JIdAJxnbhKG23XP1RPajivD6A3HrnJKeUZlK-57NMLUeKC1Hqkpyx_06t74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYlKCygvDngwOACgP6CwIIAYAMAeINEwihgbOC8OeDAxXQnP0HHZiLClPQFQGAFwGyFx0KGxIUcHViLTg3Mzc3OTMzODk2NzE1MzUYoKiLAQ&sigh=NrFWvMJuX60&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_G1vfO-F86pyobZVNATehLXQk9N1eDKUNtN8dNp-kIQhRjXWLGeLpB18KMtDXGoZYr0-LqbKx0hgB&cbvp=2&vis=1

Domain: prod-rtb.ad4mat.net
URL: https://prod-rtb.ad4mat.net/winResponse?a=1jwg7x6mhr25tv5grt8d47maend0g3rkcgqrch1jf14waha94j6akxda1wq54mrst077k7x4np0r12m5xxneq48w23t59xsygz266pvmdaax3g2568xhj4ehy13khav77nb1m6v6vmp2rq4hr85n50dm40qs40749e28yedxx4vxcek3e9631vzyrgwrb7vtjxeeeyb4y6r9ec6w08zf66q474hf6jyz459898terwc69gzf7h8y3xj3tewavweyaaz9vjka3tzqcf4y66n3h92j4afdz3wsafhngzvzxseb666f95wvmbz0acyngj2g7a2yxrxq3yz4nv8qqt5d2f3n6fqpwsbez7t98c0qr3etd8qzvxse47skdw15d1estjnxf46xabd7xhr&b=ZamXQgAKTukH_ZzQAAqLmBXXSY3N0OAWS-SYNg&cbvp=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUSjB3kEzw9WkQST0AX0NKJLCjeMEeXDOCk2rYuFkDAbNQCnwoNb5yi41yfEq-bOJ4kE00RJAR0tXeiiTAk8B2kkhodPuq2xlrWVVKPG9idYCxfjJGmA&sig=Cg0ArKJSzDhJXev9SKwYEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=624631471&rs=4&la=0&cr=0&vs=3&r=b&rst=1705613123469&rpt=458&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:30:05	Name: userId Value: 3l_x5jAAq0YeFQsbUefhw6FHmFnv5xf9
short-jambo.ink/	1969-12-31 23:59:59	Name: AppSession Value: 2314c2bd0d2f4a9c8ecd5ee5af839b45
short-jambo.ink/	1970-01-20 17:46:53	Name: refCFx1GV8K Value: M2YzNjIxZjMzMjk4MDZkMDM1YzJmNzk0MzBlZjAyYzMxOTU4NzIwYTg0M2VlYTdhODU5OGRkMTQ2MWZlMjliZndouVUFjWadLC3Pdi5Ej1MylvCEDf58nsBiBpSAB5am
forexone.alghtas.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 52ba87ff536f4a5558d539b2800860b5
.alghtas.xyz/	1970-01-21 03:08:29	Name: __gads Value: ID=b45d9001de90f8b4:T=1705613120:RT=1705613120:S=ALNI_MYeFOqUxruCno3-6epyE3vOLaeiFg
.alghtas.xyz/	1970-01-21 03:08:29	Name: __gpi Value: UID=00000d43e45f9dde:T=1705613120:RT=1705613120:S=ALNI_MZdvOxFKp-nh0SF3jdilxtedqnb0Q
.3lift.com/	1970-01-20 19:56:29	Name: tluid Value: 4387368995708801261187
.ctnsnet.com/	1970-01-21 02:32:29	Name: gid_CAESEGe2z5xjWouKPCbB5_rDwac Value: 1
.1rx.io/	1970-01-21 02:32:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b602f861-db43-4b8f-ab75-6be300187185-003%22%7D
.csync.loopme.me/	1970-01-20 19:57:55	Name: viewer_token Value: 72985f67-0d94-46b6-93f3-2ef826fd1493
.targeting.unrulymedia.com/	1970-01-21 02:32:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b602f861-db43-4b8f-ab75-6be300187185-003%22%7D
.blismedia.com/	1970-01-21 02:32:33	Name: b Value: 65A9974352DAFD57DBBEEB29BLIS
.adfarm1.adition.com/	1970-01-20 19:56:29	Name: UserID1 Value: 7325552582922533009
.casalemedia.com/	1970-01-21 02:32:29	Name: CMID Value: ZamXQ8kTC2CPqI4ALfC4TQAA
.casalemedia.com/	1970-01-20 19:56:29	Name: CMPS Value: 5190
.casalemedia.com/	1970-01-20 19:56:29	Name: CMPRO Value: 5190
.de17a.com/	1970-01-21 02:25:17	Name: guid Value: 1.7818370482252951864
pixel.rubiconproject.com/	1970-01-20 19:56:29	Name: receive-cookie-deprecation Value: 1
.ctnsnet.com/	1970-01-21 02:32:29	Name: cid Value: 394c3c1486ca4143b16c5389dc68a0be
.ctnsnet.com/	1970-01-21 02:32:29	Name: gid_CAESEERuGjBsDvuRcJkVPRqLHjQ Value: 1
.adform.net/	1970-01-20 18:31:31	Name: C Value: 1
.adform.net/	1970-01-20 19:13:17	Name: uid Value: 4086537888741452128
.quantserve.com/	1970-01-20 19:56:29	Name: d Value: EEUBCQH3KoEA
.quantserve.com/	1970-01-21 03:17:07	Name: mc Value: 65a99743-ad32a-c7706-9319d
.simpli.fi/	1970-01-21 02:33:55	Name: suid Value: F20DEAF8D8DC4AA0B83A8CC34A47602A
.doubleclick.net/	1970-01-21 03:08:29	Name: IDE Value: AHWqTUl8NV1RpHqKZceUCdOSz6u7JAwEwExpKfnHCLeEmNt5ew_0d3ChSSvlRvY-_M0
.everesttech.net/	1970-01-21 02:32:29	Name: everest_g_v2 Value: g_surferid~ZamXQwAPf3MzfwBd
.w55c.net/	1970-01-20 18:30:05	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-21 02:32:50	Name: A3 Value: d=AQABBEOXqWUCEDKdvg_R8sgAjpfe2UgXuLAFEgEBAQHoqmWzZQAAAAAA_eMAAA&S=AQAAAov7vlX1M1AVXZHSwbj5vPQ
.w55c.net/	1970-01-21 03:18:33	Name: wfivefivec Value: 2ynU5oCP1RqzT55
.turn.com/	1970-01-20 22:06:05	Name: uid Value: 8476194596597037540
.lijit.com/	1970-01-21 02:32:29	Name: ljt_reader Value: IA5FAGZHC1Scwzr8SSeSqMQm
.tribalfusion.com/	1970-01-20 19:56:29	Name: ANON_ID Value: aPnt6ZawZcF1foXarpebwFTZafZdyrZbEJYD1k7fAY9KHe8RU3GUfkJpnUiIaZbZaToknEZaZamukarL4PNqZbrmUcIxITN3JEj7yC
t.adcell.com/	1970-01-20 17:51:12	Name: ADCELLvpid2945 Value: 164800-46690-oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH%23%23%23%23%40%40%40%401705613124
.doubleclick.net/	1970-01-20 22:06:05	Name: APC Value: AfxxVi4B0L16nkHiqpk1txLseL2-wpskmUbG2_D3maKhxTGPuCNNcA
.awin1.com/	1970-01-20 18:01:17	Name: awpv14063 Value: 412871\|1705613124\|1781ff00-b648-11ee-86b5-22356fe9f584
.awin1.com/	1970-01-20 17:51:12	Name: awpv11354 Value: 412871\|1705613124\|1781ff00-b648-11ee-9c4b-223173d2bc6e
.awin1.com/	1970-01-20 17:56:57	Name: awpv11420 Value: 412871\|1705613124\|17835e90-b648-11ee-8694-226555b1c0ac
.awin1.com/	1970-01-20 17:56:57	Name: awpv11938 Value: 412871\|1705613124\|178e0cf0-b648-11ee-94b4-2233c304522e
www.conrad.de/	1970-01-20 17:51:12	Name: HTLP_timestamp Value: 1705613124440
www.conrad.de/	1970-01-20 17:51:12	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:46:54	Name: __cf_bm Value: Qkj5zhPINnRZdy.NZEReSv2AHPHTTsQLmNIwpm8gW_8-1705613124-1-AfuIEDtsSFp79XrL5GjmyoL8821dCLntt+zhrTi8v3wr9clSG6rbpmIPi7eHN58BBLkuz4jM/9Onth1NWkg2GBY=
.freenet-mobilfunk.de/	1970-01-20 17:56:57	Name: VPCommission Value: 41006061
.freenet-mobilfunk.de/	1970-01-20 17:56:57	Name: eventid Value: 11420_412871_1705613124_17835e90-b648-11ee-8694-226555b1c0ac
.freenet-mobilfunk.de/	1970-01-20 17:56:57	Name: subvpid Value: 412871
.freenet-mobilfunk.de/	1970-01-20 17:46:54	Name: __cf_bm Value: KdUAYrU8sMYO191TAhH.eQHe.LnKwKljmZd7tbHDi60-1705613124-1-ARvTmPZgiEn1mXZkMDKqMFESRrJEd7brexHfaR20hl/38+eFf6ovx9se29tnIKFl3t0hDW5u1S+sO6PMgDlENUs=
.freenet-mobilfunk.de/	1969-12-31 23:59:59	Name: _cfuvid Value: DQlBZOw4.jwQ_wjWm4jCN1BP7psqFIK_7dJJPllEWL8-1705613124464-0-604800000
.awin1.com/	1970-01-20 17:47:57	Name: awpv11746 Value: 412871\|1705613124\|17911a30-b648-11ee-86b5-22356fe9f584
.congstar.de/	1970-01-20 17:57:01	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1705613124_178e0cf0-b648-11ee-94b4-2233c304522e%22%2C%22sp%22%3A%22awin%22%7D
.awin1.com/	1970-01-20 17:49:45	Name: awpv14702 Value: 412871\|1705613124\|17922ba0-b648-11ee-94b4-2233c304522e
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
www.eprimo.de/	1970-01-20 17:51:12	Name: upprPostView Value: {"hp":"8000001991","em_source":null,"emid":null,"puid":null,"pvid":"65a99744141e30d18afb40f5","lifetime":"2024-1-21 22:25:24"}
.blau.de/	1970-01-20 17:56:57	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTcwNTYxMzEyNHZsZWExZGUyMDI0MDExODIyMjUyNDkyNDc2MzU2MzY3WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRFamdTRGZFZjhZTVV6SEFIanQ0dDQ0YmZLU1ZUWXIzaEJnUTVvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTE4X0VYVFJBUFVTSDExMzc1Mg
.blau.de/	1970-01-20 17:56:57	Name: nscQ486 Value: V
.blau.de/	1970-01-20 17:56:57	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2024011822252492476356367X113752V1225131106MSviewoneidEjgSDfEf8YMUzHAHjt4t44bfKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&wfid=113752&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTcwNTYxMzEyNHZsZWExZGUyMDI0MDExODIyMjUyNDkyNDc2MzU2MzY3WDExMzc1MlYxMjI1MTMxMTA2T
.o2online.de/	1970-01-20 17:56:57	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTcwNTYxMzEyNHZsZWExZGUyMDI0MDExODIyMjUyNDkyNDc2MzU2MzczWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRkRTdIRWZrZjh4OGNFSGpId3RFdGJicmZlUzRUNTlBVGdWbU1vbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTE4X0VYVFJBUFVTSDEyMDIxMQ
.o2online.de/	1970-01-20 17:56:57	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 17:56:57	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2024011822252492476356373X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTcwNTYxMzEyNHZsZWExZGUyMDI0MDExODIyMjUyNDkyNDc2MzU2MzczWDEyMDIxMVYxMjI2MTMyNzAyT
www.guenther.de/	1970-01-21 02:32:29	Name: awin_awc Value: 14063_412871_1705613124_1781ff00-b648-11ee-86b5-22356fe9f584
www.guenther.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0mm0ojtriufsp52qg9vae6nchu

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/(Line 99) Message: Mixed Content: The page at 'https://forexone.alghtas.xyz/50-pips-a-day-forex-strategy/' was loaded over HTTPS, but requested an insecure element 'http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080488(Line 9) Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other	warning	URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneid13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7droneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c1.adform.net
cdn.ampproject.org
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
forexone.alghtas.xyz
gcm.ctnsnet.com
ht.uppr.de
image6.pubmatic.com
k.top4top.io
lh3.ggpht.com
match.360yield.com
match.adsrvr.org
netzwerk.uppr.de
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pvx.freenet-mobilfunk.de
r.turn.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
securepubads.g.doubleclick.net
short-jambo.ink
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
static-de.ad4mat.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
t.adcell.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
unpkg.com
www.awin1.com
www.conrad.de
www.eprimo.de
www.google.com
www.googletagservices.com
www.guenther.de
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
a.tribalfusion.com
as.ad4m.at
assets.ad4m.at
cm.g.doubleclick.net
e2d881dde60082c9bbe951d6e114b010.safeframe.googlesyndication.com
pagead2.googlesyndication.com
prod-rtb.ad4mat.net
securepubads.g.doubleclick.net
108.157.4.61
13.248.245.213
142.250.184.193
142.250.184.198
142.250.186.34
147.135.143.66
151.101.66.49
167.233.13.224
172.64.151.101
178.250.1.9
18.132.128.129
18.134.214.132
18.192.16.65
18.239.50.21
184.94.215.169
185.64.190.78
2001:678:cb4:bbbb::11
23.199.221.167
2600:1901:0:76b9::
2600:9000:224a:3600:1b:5138:8a40:93a1
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:4400::ac40:9b32
2606:4700::6810:7daf
2606:4700::6811:180e
2606:4700::6812:19ad
2606:4700::6812:bcf
2606:4700::6813:afbe
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:802::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a02:cb40:200::242
2a02:fa8:8806:13::1400
2a04:4e42:200::649
2a05:d018:d29:3602:cc6c:4f79:2b51:3805
2a06:98c1:3121::3
3.254.35.3
3.73.69.41
34.249.157.147
34.96.105.8
35.186.193.173
35.186.253.211
35.204.158.49
35.214.180.228
35.71.131.137
37.157.3.20
37.208.110.235
46.228.174.117
51.75.86.98
52.58.114.78
54.37.204.178
65.21.235.194
69.173.144.139
84.200.5.215
85.114.159.93
87.118.116.9
89.149.192.197
02aa8e2c96f3808f0736a2baf18cd71097138935b353651f7730ee535910eaab
048494d3c4633e329acd8bd73e74677965c75e3fd8d98919979e215d1ff5a830
0608f1a7ef6606a2cfffc069a4dbfac115530a028c34f41fdee74025a8e041ee
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082fb646931996346c1cf52c2aaf259e7de1812a11d706b2adc16469e0dc3413
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd70411051c47d7bc01d3c9cef56c5da750ed204196b287ee314b14bef36163
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0ddb732921760d11a169c7193ae1421bbde3a687eef1ed89c2c0fcf175e6e869
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
13573dbb7ddf1d67a79d4cfaa8ed8b0cf64a3ec293c07131fe467ac3cc2070c3
161dbcdd15428f53d15f17708d5e44c86fc992b02f41d8d521672cf2128e3d10
178cd4cb75c3eee317ae35456a36896c4e25895f8dceb64ec25548bba04b6d81
1b4e2c3b84fe75916b109ac323d0eb39e3881a892f7b7a21970a0cb9e694b3d7
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d1350543f8418a32e0683401e8be6de68568a96ffa6346dfd7c88f3dbcae111
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
256b1f1fccbf05b1e87fc637ace69ff9e3e5e840bd03c9e0068e93fdb2525edc
2754a78255bc79d5254c2d7ace586e215c20635a72992e7cdf75556c2c565c81
28d80556a8acc2a4e451869185dbb67d7fb9f5cb5604b53c97570f408d749b18
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2c213c6af5e6b1cacdf2ef6964af8ede5654366f50f7d7c5de0e3184f45946c2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f00e84069daffb35ce96c52c2d1e01863755b0428f5f292a5e63ba33d5868a6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
35f50e3bc213d7b1619bdee53fb7370ba3082030bfe0cbeebf1ff8ffe39260ac
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b
3a035c080974644fa259d9445e1af9dbcd44985aa1021a7363ff950dd9042597
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
41b7634da95f59f9dc2d90f9c88296919cfe305be283d069a526dd5abe86234e
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
430681306eafa87904d1712cc6f0a0365d5264e929c81c7d34f16c639752fc55
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4655a18b5bf12b5b4a64385faa037b6505df07961fa44457c99f00789e58a3d0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4803fb9ad425e3d59451441ac6a7c901a4392f78f7732f07aa2a5292503460bb
483600dac45a0560e87d8f10fc182b124b03b97a18a0eca2aa0ad0e83a60b9fa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c851642ddc61a2093c2445e17251c1b7465d979185267312ddc5b496828813
4b1199f6a41bb0360e68313cdf311db55f1b991ed990ccc6948f0b36cb319944
4d458a5a8a0a9f0d5b5ac8020f47e4ede140c76b6237318b86a5c3afa38c9ab0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50bd0eae9d0f653d9d5754141d9c0920f9854a350ddbd7b6033ae2f3defc9719
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550bd676776eb6066ff0e70ceef5deadd10a64646530a69eaa475d623755044a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ac7aebda51f2557584ca302719b79e692445bf8a19e4941403e4f50c51d2e9e
5c6a31c295e712e8e9e0875189171f743c70a2da3d2b3f975ed577844698fc5f
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61014388004a3cc2e5629a70f509ede40cd31850c7939d7d7c27aa6776d4e944
6104d0783c071235a2a03ca73bf6ec082544b8fb8a6bbff401526185903d2a70
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b8ebbefeed3d193f39cd2923b9ae9f5c1371f660962acc238dfba43ffafe55
68b2587e73b69f13ea9ba495d677fb30d13d1e856e397362214bdcb3e784c750
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
69c7c279db33f11857ec10fc2748e965d47d011f7df6ffc9a53d9da7ab25df6f
6abe94c8db415593d42b093301152b1e9c727364c2b5ed05b5ca2f163d8aa747
6cafb0d1bfff644a5a128db7c816c597d42ef730b0f5a30af6d0e4bed4dd5ec3
6ea0709e076a8dd6569a1d148aabce6669d3bb30087be54fd8368ac1293bd771
7508b103c9922511dfd5371763b291290112b7b1dbdfbbeafc0fe674e345d752
7bf41835f02697343889bbdf639c3332105a1fcaf064fd55025d16ac1f64efb1
7c73078a13c886962bb3111e88db6906e6ce61ba2c58b599d6689c6cf9debe3a
7c735610034ba963fcf6d8f6eeff2e6ac16c7d610661c7321ffed9c74172b8c3
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
7f53f1095aaab8368e4f9ab56be883a5c706dee5d734fd384884c8e3fa6c69ee
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56
80f50929d3405fe521ed603dc6bb8fae7967b1cc0c527d07f9e1f32cd1e54d35
8379dad3533a173c1a5b6ceb8e4da35e6fb5d015b753e32eab9b89023dce8412
8607174d3d088f052b51d21b06563c07c25228386b8b8a9e3cd8bcc2bd3a959b
8709e26d61bab50cdc652883fa5428c94fd2a23b41deed8901c12902da97355a
87664d848161d3a5bf83a511f4f483dc05e8472d06aedd5111488d267af298bb
87cecba5a042d5cbdadc113c4d8401dd30cb8d6dbc3e5f8140d68f7e6a859864
87d0438995fd444c364e48bf9cc31a8183d65144af870e4f6930f15f215aca0c
89963638c07564b104ce9c9a6292bb49dfb771440c883aee86f97701dae23c90
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
8eb063dd5efc39b1b3492ea35f77a7fa157fbdbd8ef1dcbeb885d9349066f3c4
91f0d9d88416091ea5abea9e8b75e2de54f565a9e72a080b4265de8f5d2549b7
9341de86e937a45a93d5120d0a9d94cdfdbfcbd2e4da2a1c529fdc69d6b4d2e0
9480d3a99e72b762ee44a42e38dc37cd13b48e3551827e7b07140aa076be8761
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
961b940c831253cc6e4f3fb7d3f3e005529914982dbbe93d4d7597ba6e34205b
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae3783ba2167285a8cf896a541a47627ae4a0d79df8557c39ad9e2d1fd4c0d2
9c75069ef64946c381aaf8e3c28175a55e6fb860c5250fe53f6010cbbfe3be58
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a7593f23d5c06e008d1a30e09bba6a4b76e7fb5086976214fcebc483ae4caf54
a8be01a70682675269c526a5567af7e03adf127ae3e7a8ce81c04dac2f7c77e5
adc779f9d8966bb3812b50257f14100924bd44c463b41eb43e8eb8a2195fb335
b12499da5db19098d013673189451de343583c60be315696dabbe3c0bf224543
b1e0b042c6687b43b8b198a8df0cc2ac9b579a336577c152a992bef6d9c37f25
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3222bfa95a46c6088aadf2d56df60205dc04d967114a8d3c0e530152bff291a
b3d1b1603ea0679f35d5e1007a9b2dd2aea06f71a7a693f4d75e446bbfb703b6
b5cbed9147f88e081848cdd63a0791004ad19c85d075033508db726df783c558
bbacc461bccfcae3096c7ece3b43a0c0ff67bf64d6b244da0df6dd9e4c49c606
c05c54aa15d874022336a592693c3e3cc6aea79a86a50bd03193ec4aaf1f9e93
c1a5a879bb4f56f45ca19792d673c18b56560823ab43b5d1d779e287f740dd2e
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71
c5165d0c249f0306e973f02db6a59d8d85df824dab702001bda8af66ba5a7bd4
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9db74dade6c6ed3f40fccc1c9353e1f00eaf20f3868171730e7d1c9b92848cb
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cfafc84f4234da01095679999f4d9d76c22815a0f377c581cdc8873df2847a1c
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d450ff9965bc91994f26a82ea0b7da511502480b1e7e655985396afeaac8aefb
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
d65c87fba6ed88b60faae41c5eb5cba21bece1bdc39956222630500b964c6621
d68009b85b0825d61312d677ad178f16343111eeaf768aac7ad3293540ee0438
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d978f3bea3c4b7f772b7a2a66fe1af0d86e36939148993ca8cd9f4c3fbc937bb
d9d687403a888b690e8483af6169d3de1f0f052396edf8fc25078eae056e6180
dc689ad2e054fda57bdeeb437a437964bc6617d91160a9c80d9de443c8519007
dd0e2d6e571ef909917095b234a8983e8314a4bd86d3cd49fd9cff813edc4641
e0549bbfafcffd0f0fd35559311be2a9729ad73e67c8fdb675522d37feac404f
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e36351759989c37551782cb35d881b6a420c5599c0131fce8a6865b165a68ca9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43eb209e812b75c5ee9d22299521c3978339abea3a64a269bb608e053db8bc9
e4c1ac1513adc273cad8f8c65f367b6fe70a779c9e267999e332be8bd3169f69
e4efcd6ec7d1fc476d9d3f43480ec9fb2b37ebcca255edefd2cfad8d2a96c27a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e708b56e8195853ece5240160435d3e93af08262242af41d49e5ad80c728ec40
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e9782305ac1ac2c9e43f214662ce6690d3faab48560614ee888e6caed88cc913
ebe7e3fa4af0973deaed13873a8c9949bfb7483d7ee021876f20168a7655ac33
ebe9efa390e2f7209615be555c6b9284ec76bd57815bc18079cc91dd4909afa8
ecd80aec7efa6bebc787c571235a0572c88bf0eb0f6878b3829a817c46eb9751
edf1f567fd0e29d5899e287541a1623601c1b33cea621dbe80eaefbbaea28ff1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07cc098907fa64c4d6fd736ed406668edf93905ff6b038470cdd544f675bc29
f1065ec598bc710a1f1207875c7ca55fc36320df50754bdf3b5c10a1fbf23560
f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a
f2059abd62958a07b415390e21f5036e2bb0e868d822d2604b1a376266476597
f3b100ec03aa4567ac9bba5b48b0d14b29801960b01518f8033d671ccd9d20b2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f69ebf9ca7ae850e32198a052f55963edf2902c4c59db49df9bfa7a00e1cbca3
f6f7ad1d4aeb7ade3d0da90e6dfa419b365be9ad3827b069df4d0c8ca88f4a54
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f91e10a47eee634aa17de5148caac8619aa13b76bcd09ed5798d02ab2c1e4e53
fa0a218b0597543ce5a78b7cbbd35b81570c1561ca15e57db9270ee08ab0d49a
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff5706156b937966c47a52d5873c07cf075bc1776be002f5d1ed8a176776a286
ff7ed3172bf6f2983b2bf16cfae48c6967d821d9732df677ccad185dfc6a399c

forexone.alghtas.xyz Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

455 Requests

84 %HTTPS

42 %IPv6

60 Domains

71 Subdomains

50 IPs

10 Countries

4356 kBTransfer

12445 kBSize

60 Cookies

1 Outgoing links

Page URL History

Redirected requests

455 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

forexone.alghtas.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

455
Requests

84 %
HTTPS

42 %
IPv6

60
Domains

71
Subdomains

50
IPs

10
Countries

4356 kB
Transfer

12445 kB
Size

60
Cookies

455 HTTP transactions
17 data transactions