hornex.pro Open in urlscan Pro
2606:4700:20::681a:d82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hornex.pro/
Effective URL:
https://hornex.pro/
Submission: On December 11 via api (December 11th 2023, 11:56:20 am UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Behaviour Indicators

Summary

This website contacted 55 IPs in 8 countries across 47 domains to perform 127 HTTP transactions. The main IP is 2606:4700:20::681a:d82, located in United States and belongs to CLOUDFLARENET, US. The main domain is hornex.pro.
TLS certificate: Issued by E1 on October 16th 2023. Valid for: 3 months.

This is the only time hornex.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:c82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:d82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:2e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:45e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.18.43.178 104.18.43.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1 6	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1 4	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:a200:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	52.212.5.247 52.212.5.247	16509 (AMAZON-02) (AMAZON-02)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	104.84.57.247 104.84.57.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	54.246.157.113 54.246.157.113	16509 (AMAZON-02) (AMAZON-02)
1	23.53.232.23 23.53.232.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	18.196.74.146 18.196.74.146	16509 (AMAZON-02) (AMAZON-02)
1	54.246.168.82 54.246.168.82	16509 (AMAZON-02) (AMAZON-02)
1 1	81.17.55.109 81.17.55.109	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	168.119.146.39 168.119.146.39	24940 (HETZNER-AS) (HETZNER-AS)
2 2	52.210.96.209 52.210.96.209	16509 (AMAZON-02) (AMAZON-02)
1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
127	55

1 2606:4700:20::681a:c82 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hornex.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:d82 (United States)

ASN13335 (CLOUDFLARENET, US)

hornex.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.hornex.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:2e8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:45e2 (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.82 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:a200:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.5.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-5-247.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.57.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-57-247.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.157.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-157-113.eu-west-1.compute.amazonaws.com

pbs-cs.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.232.23 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-232-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.74.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-74-146.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.168.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-168-82.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.109 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.146.39 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.96.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-96-209.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	148 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	226 KB
9	the-ozone-project.com elb.the-ozone-project.com — Cisco Umbrella Rank: 4765	12 KB
8	btloader.com btloader.com — Cisco Umbrella Rank: 931 api.btloader.com — Cisco Umbrella Rank: 1000	24 KB
7	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 acdn.adnxs.com — Cisco Umbrella Rank: 610	26 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
5	casalemedia.com 3 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1351 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461	16 KB
5	hornex.pro 1 redirects hornex.pro stats.hornex.pro	166 KB
4	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	1010 B
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	652 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	35 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	128 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1628	25 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1053	104 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1018	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	3 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	304 B
2	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 15619	195 KB
1	unrulymedia.com usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 4341
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1727
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332	209 B
1	360yield.com ad2.360yield.com — Cisco Umbrella Rank: 11022	199 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 910	375 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	125 B
1	media.net hbx.media.net — Cisco Umbrella Rank: 1215	315 B
1	yellowblue.io pbs-cs.yellowblue.io — Cisco Umbrella Rank: 5403	372 B
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 1982	104 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1442	674 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	105 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1814	46 KB
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 15570	905 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	38 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	91 KB
0	servenobid.com Failed ads.servenobid.com — Cisco Umbrella Rank: 2371 Failed
0	workers.dev Failed country.adinplay-venatus.workers.dev Failed
127	47

	Domain	Requested by
13	tpc.googlesyndication.com	cadmus.script.ac hornex.pro f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net hornex.pro f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com tpc.googlesyndication.com
9	elb.the-ozone-project.com	api.adinplay.com cadmus.script.ac elb.the-ozone-project.com static.cloudflareinsights.com
7	api.btloader.com	btloader.com cadmus.script.ac
6	ib.adnxs.com	1 redirects api.adinplay.com acdn.adnxs.com googleads.g.doubleclick.net
5	cdn.ampproject.org	cadmus.script.ac
5	securepubads.g.doubleclick.net	api.adinplay.com cadmus.script.ac
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	onetag-sys.com	1 redirects api.adinplay.com cadmus.script.ac
4	hornex.pro	1 redirects hornex.pro
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	ad.doubleclick.net	hornex.pro
3	fonts.gstatic.com	fonts.googleapis.com
2	match.prod.bidr.io	2 redirects
2	ssum.casalemedia.com	2 redirects
2	eus.rubiconproject.com	cadmus.script.ac eus.rubiconproject.com
2	f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com	cadmus.script.ac
2	oajs.openx.net	1 redirects hornex.pro
2	id5-sync.com	cdn.id5-sync.com elb.the-ozone-project.com
2	gum.criteo.com	1 redirects cadmus.script.ac
2	fastlane.rubiconproject.com	api.adinplay.com
2	script.4dex.io	cadmus.script.ac
2	i.clean.gg	cadmus.script.ac
2	ad-delivery.net	hornex.pro
2	cdn.jsdelivr.net	api.adinplay.com cadmus.script.ac
2	region1.google-analytics.com	www.googletagmanager.com
2	api.adinplay.com	hornex.pro api.adinplay.com
2	fonts.googleapis.com	hornex.pro cadmus.script.ac
1	usermatch.targeting.unrulymedia.com	elb.the-ozone-project.com
1	sync.richaudience.com
1	ssbsync-global.smartadserver.com	1 redirects
1	ad2.360yield.com
1	crb.kargo.com
1	ups.analytics.yahoo.com
1	hbx.media.net
1	pbs-cs.yellowblue.io	elb.the-ozone-project.com
1	prebid-match.dotomi.com
1	www.google.com	cadmus.script.ac
1	sync.inmobi.com	1 redirects
1	s0.2mdn.net	f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
1	www.googletagservices.com	f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net	f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	cadmus.script.ac
1	token.rubiconproject.com	eus.rubiconproject.com
1	static.cloudflareinsights.com	elb.the-ozone-project.com
1	acdn.adnxs.com	cadmus.script.ac
1	mug.criteo.com	hornex.pro
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	cadmus.script.ac
1	tags.crwdcntrl.net	cadmus.script.ac
1	invstatic101.creativecdn.com	cadmus.script.ac
1	cdn.id5-sync.com	cadmus.script.ac
1	static.criteo.net	cadmus.script.ac
1	oa.openxcdn.net	cadmus.script.ac
1	btloader.com	api.adinplay.com
1	imasdk.googleapis.com	api.adinplay.com
1	cadmus.script.ac	api.adinplay.com
1	ipapi.co	hornex.pro
1	stats.hornex.pro	hornex.pro
1	i.ytimg.com	hornex.pro
1	www.googletagmanager.com	hornex.pro
0	ads.servenobid.com Failed	elb.the-ozone-project.com
0	country.adinplay-venatus.workers.dev Failed	api.adinplay.com
127	63

This site contains no links.

Subject Issuer	Validity	Valid
hornex.pro E1	`2023-10-16` - `2024-01-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adinplay.com GTS CA 1P5	`2023-10-19` - `2024-01-15`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
btloader.com GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
the-ozone-project.com E1	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.prod.euc1.green.ops.kargo.com Amazon RSA 2048 M01	`2022-11-13` - `2023-12-12`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://hornex.pro/
Frame ID: 9D0098CBABD6F95790D24EE360F6379A
Requests: 57 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hornex.pro
Frame ID: 1748EEFB7CFF442CC5E7442D788FA835
Requests: 2 HTTP requests in this frame

Frame: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3917CEEA3243C793CB5A47C0C88256FF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702295773408
Frame ID: 9BDD83E694DDE9EC1597C022EC691545
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7D6591304A7FAED817262DD669BE34DA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 586A08AE08A0646BF306F862FFB9DE13
Requests: 3 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone
Frame ID: FE708CCA894B0769483761CD3AA1BA77
Requests: 13 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3420CEC7A0FB09FD41257B15741A06B9
Requests: 1 HTTP requests in this frame

Frame: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA8589FF7D8D30DA16ED8BB86297894A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYkbSp_wEwAQ&v=APEucNWSs4IyQFZpLSIJEnTZdfTy9bsVV3SKoC03bGXVKgIjBmgobnmaH6kLPIVS5YvihMZuYz4UBB2IjHY-uO-DxA8Ht28CsILzjCbroATswBo6_rZ7wwel93zB-a1On3wtGTQ6-AEuzcKkpoBx18PN9mzVAhG7m3L0ANeBiH119x6yDjQVNLzH8XBAuOQQRKbJiWNWY7BOcmwTit6UTaTBFmL3BhwVLg
Frame ID: 3C704FCBFD920C95B2C1AF020C24351A
Requests: 5 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 5A37A45AC97A5FFE770BA2FCAEDEA531
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 150D6D8756F04C11F9833C5235414F84
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DF7F66065C70A9959F982904E784DA71
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A1E4754EDA822864FCE8BE3125FDAB8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7186389AB0CC5157FD92C53904843EF
Requests: 2 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Frame ID: 1A47A3E8269E78293D277F7355A45D54
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Frame ID: EE3B1DCEBBF2E67FE2C6BA5531E9386A
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=310&uid=HzZMrRZHEmfv8HVvSIyd-c1x&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID
Frame ID: 251E9C09BA928C76A5C5E65526F94924
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26%24UID
Frame ID: F0A646784F7C6EA68546A48346EDFCF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hornex.PRO

Page URL History Show full URLs

http://hornex.pro/ HTTP 301
https://hornex.pro/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

127
Requests

91 %
HTTPS

52 %
IPv6

47
Domains

63
Subdomains

55
IPs

8
Countries

1556 kB
Transfer

5125 kB
Size

35
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hornex.pro/ HTTP 301
https://hornex.pro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://oajs.openx.net/esp?url=https%3A%2F%2Fhornex.pro%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fhornex.pro%2F&rid=esp&cc=1

Request Chain 54

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hornex.pro&sn=ChromeSyncframe&so=0&topUrl=hornex.pro&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ugMs3nxHUXNSUG5WTDVOMmN1NndySDNFZjdYbFN4UnVsZHB6YTRhb1dud3gxMUlsKzVtQkxBaFZmNW16cVY0aE9VRG9mbzZHdHNYbGVyWlJmUElOdDF2S29OWk1teG9HQzB0M1RuVWQzbTZoYWloTE1sS1Zsd1BvaW5YVWRZTXZTMXJmdi8yaTExZTh1c3BNbThOcVJISmY0QXUyVlU0b3puY0pYUUdOVE5LVDJjR3RvZVA2RVFXRDZhdlIyN0FLMEJtSkg3MElob2p2SHUyTHVCbjQxbmRKY3FZd21rRjIyOWxZZEk1TUlUakRMQWRZbXBuUVcvUXBzdUZGUzZDVFk1Z0RnaE43VDgxK1pBTjBMZ3krd3lLbW5JRVRkSjRvSWV3VjBFWVJKeUlBT094TT18&cppv=2

Request Chain 67

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZXb43ckwdrB1SQxzmE8S2gAA%265199

Request Chain 81

https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjnZRplGisldohkn6zG31E&google_cver=1

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXb43ckwdrB1SQxzmE8S2gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjnZRplGisldohkn6zG31E&google_cver=1

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELCFVpFHPN-q69Zx7x-i55g&google_cver=1

Request Chain 98

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY4NjI0NjY3ODIyMjI5Mw%3D%3D

Request Chain 115

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D${USER_TOKEN} HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=

Request Chain 124

https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=5686246678222293&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID&cb=1702295776079 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3786591253 HTTP 302
https://sync.1rx.io/usersync/turn/4413469266288474458?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-978cfffd-c220-455a-98ea-02f4974d1366-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-978cfffd-c220-455a-98ea-02f4974d1366-003%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-978cfffd-c220-455a-98ea-02f4974d1366-003&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D3%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ads.servenobid.com/sync?pid=317&uid=2936534965475003591&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D4%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D5%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D5%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=HzZMrRZHEmfv8HVvSIyd-c1x&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID

Request Chain 125

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2936534965475003591

Request Chain 127

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
https://elb.the-ozone-project.com/setuid?uid=AABQ2U7K7fIAABaF2t95UA&bidder=beeswax

127 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hornex.pro/
Redirect Chain

http://hornex.pro/
https://hornex.pro/

49 KB
13 KB

89ms
68ms

Document
text/html

2606:4700:20::681a:d82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee723c09fbee7c8fcf5a3afe8b3c1af028fe9f148cd0dc78ebe4497c3250db9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 833d8b027ee8bbcd-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 11:56:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNLyoinTpkATLIGeDUefv7T%2Fl8Mosa6D6ptVbgGxCVEGOB%2BUiH0NNLhIcOoQd3ZbC%2BLTgbDd8B0Pmsot8xHe0SGa4nPPFrv8YbSJrIE%2FKGLwnpgNDP67pYi4X4c362mJAaaZw6Q3bXID"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 833d8b02183a5cb0-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 11 Dec 2023 11:56:12 GMT
Expires: Mon, 11 Dec 2023 12:56:12 GMT
Location: https://hornex.pro/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URX%2Bfl6KWpK%2Fs5lCNWU7uN7TKLj81knh7mjzldY6UAGHaFE5cPvUD8zFLGKCkkHVd4RBvNHCwc6quvfrQyF%2B9g990Uo25ypKH9Tp3B%2FEotV2NZaiF20kXLqmuQjqbZNbsZntdCLDoLem"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 402 B
721 B 61ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fredoka+One

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca76180c2133d7d13de82a1b213bb4d0d1556d2cfd8c5fea78032f3724ec951f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 11:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 11:50:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 11:56:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 65ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YEF7XWRCWL

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

424eaae686fe6a5dd0a4db4a43b8872d1bf94eac8489c2a80af74fbc8f722ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 11:56:12 GMT

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/ 617 KB
195 KB 248ms
89ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js
Requested by: Host: hornex.pro
URL: https://hornex.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7671af12193bc0e69b064be9f72c7f9575e100c5dada590e3ad84f35fa6c9197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 11 Dec 2023 10:06:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6576df19-9a34e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWyWpkyTU%2FOcEeJC3AIP%2FaQAZYtr1g61r0FdsHfwTelMYcfLM4h%2B1P11N0geemUnoEvs4sJ%2Bn7TLhWhkIiZAHa9u4SU4RdP6JAI86ZhratXtD1FvZWI3YN1Ut839KMt%2BAOUwLK8Kg7MpWNAMPJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
x-host: adinplay-2
cf-ray: 833d8b045a4e038e-FRA

GET
H2 200 3ac835fb86f14adcc14fc08e15efe7d0.js Show response
hornex.pro/ 532 KB
139 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:d82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hornex.pro/3ac835fb86f14adcc14fc08e15efe7d0.js

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abcd202cecd6086c73fa490c63f2e7abc40891b96ab9a4218a1e7ae0587076c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hornex.pro/
Origin: https://hornex.pro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:12 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 4239
etag: W/"720f3830890b3d6d48ec9325298b73a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUNkMTi550BM5aDBQ6VJsW5HP2rXE1ulZaGpL%2BfV18jmx%2BLULwB8E0MSdwNC8jgrUzz%2FYDDyOgQGe8vdSYFKgv2gtTjVJDsB3d6ThBZy1gQd2DW%2B%2FfAXxolm6Fgn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 833d8b02ff70bbcd-FRA

GET
H2 200 weborama.js Show response
hornex.pro/ 49 KB
13 KB 30ms
29ms Fetch
text/html 2606:4700:20::681a:d82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hornex.pro/weborama.js

Requested by

Host: hornex.pro
URL: https://hornex.pro/3ac835fb86f14adcc14fc08e15efe7d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee723c09fbee7c8fcf5a3afe8b3c1af028fe9f148cd0dc78ebe4497c3250db9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:12 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 4238
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlFRYklYoKTtZrfo6JLb04UBF3h1oRFXEqTRjuzAKUPFEU%2Bths6cYZlVSMLlRBq4ochw3fyjIiyK2W4wBt%2BCxmcxZwerIa21C5wjGYY0EN%2FbZmlzuOW9bQ7GWxLnvaawavfO9Dj9ifvU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 833d8b03c898bbcd-FRA

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/8tbvq_gUC4Y/ 38 KB
38 KB 59ms
23ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/8tbvq_gUC4Y/hqdefault.jpg

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92b7e42f51c6ebceb5e2e887f859c8389e4fc16444489532cd075c61e12855b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:12 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38731
x-xss-protection: 0
server: sffe
etag: "1697241064"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Dec 2023 13:56:12 GMT

GET
H2 200 k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
fonts.gstatic.com/s/fredokaone/v14/ 15 KB
16 KB 47ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fredoka+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hornex.pro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:40:07 GMT
x-content-type-options: nosniff
age: 227765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15596
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:35:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:40:07 GMT

GET
H2 200 userCount Show response
stats.hornex.pro/api/ 79 B
535 B 95ms
57ms Fetch
application/json 2606:4700:20::681a:d82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.hornex.pro/api/userCount
Requested by: Host: hornex.pro
URL: https://hornex.pro/3ac835fb86f14adcc14fc08e15efe7d0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 41d0c74da6c47246a8fc559fa8fcdd92c0a4717e568dc490f65a4e6436eb7549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4f-ZFiYQhL0Lz+/03M64JpZ+97AJzY"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXpZqca76ylL%2BW5VxN1dHQ0BJEcKKLTLYmkf6jJzKvRq0Ybc5uRCUqIt08JUGKlJsa6yxEF6ormt9DgXFLOGICBQWzTvmbij3%2B%2BNDYh2XUw3QzdS2L8k67b%2Bv2w5sOY7lP8Z%2BS9NsCWPUQgfmTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 833d8b04cc57bbf5-FRA

GET
H2 200 / Show response
ipapi.co/json/ 775 B
905 B 243ms
216ms Fetch
application/json 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: hornex.pro
URL: https://hornex.pro/3ac835fb86f14adcc14fc08e15efe7d0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a520038e42ce401183c7d2652049dbd26303969c752b2e7cc96301867231b1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, origin
allow: OPTIONS, OPTIONS, HEAD, GET, POST
content-type: application/json
access-control-allow-origin: https://hornex.pro
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4xCRIjPY%2BZJmWeyjx5RELoQkLUbcT5KZMuLYTuyoSm1ss%2FHOy6jkvdSyWr52RYmNrxMo1WUHRxo4z7To%2Bto3S%2F2czoQb680z6H%2BQI6jUt%2ByvuTDEdSvga2JLGxYQLOlG0L%2F1U92"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 833d8b04be883737-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 46ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YEF7XWRCWL&gtm=45je3bt0v9129752430&_p=1702295772689&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=61625368.1702295773&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702295773&sct=1&seg=0&dl=https%3A%2F%2Fhornex.pro%2F&dt=Hornex.PRO&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=603
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEF7XWRCWL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hornex.pro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/d1r100yi8pmbig/ 130 KB
46 KB 47ms
19ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86472d004fe7402198af480a6921e1ebff5e125fe094b536cefd114a78049947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 11:27:27 GMT
server: cloudflare
age: 0
etag: W/"a72801a1e00b2af10ca88a6a2a1deee80ea940cb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 833d8b05fa271c79-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 35ms
16ms Fetch
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231211

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb46a46f643895746cfe3e2e199278b0154edfb75cecb1132df74f47b84d67b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28521
x-jsd-version: 1.0.1900
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230066-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"636-0aixPJ+F9iGhoT5ok/tLvIFCVz0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3hqifO4wauDp7kL0MWm9ajJXCCnMeVQIk3d6xi974o6TQ%2FOAXlcgJwuTbRZrhnc2gPqNvsjljrB19V9IyvZiirx2Na4neM%2BI84hEwjpIskT4hfbyXyZngagg%2FIZOzEgGQ56O5G01fzL66m%2FfYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 833d8b05ee9865ab-FRA

GET /
country.adinplay-venatus.workers.dev/ 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 109ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e915ffbedc6ae01ab56af4efd2a95490d633e0405e1c0718c7817f6937118d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30240
x-xss-protection: 0
server: cafe
etag: 56 / 19702 / m202312040101 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 11:56:13 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 62ms
24ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128901
x-xss-protection: 0
expires: Mon, 11 Dec 2023 11:56:13 GMT

GET
H2 200 tag Show response
btloader.com/ 76 KB
24 KB 35ms
16ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0713adb0392ce6dcf82357b62027b0e9caae4b4f6f657aeaf7b70536943d2044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 11:21:31 GMT
server: cloudflare
age: 2036
etag: "e6bda6cc832cb5b884ef584ecf03ccaa"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 833d8b05e813bbf8-FRA
content-length: 24282

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
393 B 18ms
17ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6456
x-host: adinplay-1
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OUjOrQ4lTTI%2Bn6ASS8UrlqnYwxlSp67Ep9%2BuoOJxmXH%2BwW8cczplTsjBnaIRtr1fllAKQ%2FVLQQY0zCgEMMVkQdQh1%2Fo3Y5NkUjZlsfEfiXxCj6l4eHRZrzbWg%2Flj%2B7x88nokePvOllZEbgWQMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 833d8b05dc40038e-FRA

GET
H2 204 state Show response
api.btloader.com/mw/ 0
39 B 153ms
118ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 11:56:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 204 log
api.btloader.com/ 0
0 151ms
116ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/log?tid=dwXmZq0O&cv=2.1.26&sid=eaMv9S5Fk&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 11:56:13 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 204 log
api.btloader.com/ 0
0 150ms
115ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/log?tid=dwXmZq0O&cv=2.1.26&sid=eaMv9S5Fk&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 11:56:13 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 33ms
16ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hornex.pro
URL: https://hornex.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1688173
x-guploader-uploadid: ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hig7mH2XQ3RyJYFp%2FVo%2B71nqo9ce4hoUNIT1qbOK%2BewGQko9xWKcXG8oFOrNcNbwOqPA61a8rmoky9QZUxW06b8nSi0E7vNsNdnRXMpPvQBY9sazqf2LuU45wlItdTAs0csBvbESNhM6lz%2Folg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 833d8b063ef33673-FRA
expires: Tue, 21 Nov 2023 23:44:24 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
570 B 54ms
14ms Image
image/x-icon 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 10:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 10:51:30 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
922 B 31ms
14ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5870237456047034
Requested by: Host: hornex.pro
URL: https://hornex.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1688173
x-guploader-uploadid: ABPtcPrXA0PmdMT7yuaCkFgx8Sq8EASHWx9VryAl7ICr3sOGCvXIxcoLbV_WYZ-uwlFtclgep1_F9rhtgg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oipJO3mFvrifjmk2ZK%2FadUMWg6AeWeVLu9uEsGFy6K7mDH0gofcVxDDHuj8P%2B4ZL%2FDS528CvWAr1pkGZ4TS5b8Uf0QMM1HL4ClQiYAO3FjtC48jfOy5Zx3H5SisuXgbF%2BiZrP%2BRsxKrGFIddnw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 833d8b063ef13673-FRA
expires: Tue, 21 Nov 2023 23:44:24 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 103ms
102ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 179ms
99ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hornex.pro
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 11 Dec 2023 11:56:13 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 204 log
api.btloader.com/ 0
0 115ms
115ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/log?tid=dwXmZq0O&cv=2.1.26&sid=eaMv9S5Fk&upapi=true
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 11:56:13 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 432 KB
135 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 15:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71923
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138293
x-xss-protection: 0
server: cafe
etag: 11350998454379829730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Dec 2024 15:57:30 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 52ms
25ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 11:56:13 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1226485
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzXGqXjr5oDDY2h09ApORCORCLhwf%2FfSIMWG36MDotM%2BIGATSm87PEIPEFP%2BgwXo3VxC4rv%2F5CLttOZ50KMv1h7YIZxOU7gEfhR7v838JAB%2BnzI%2Bznoru9cQKBaaER574lyge8sMCa3Ixseq"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 833d8b0748114d6e-FRA

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 223 B
1018 B 132ms
101ms Fetch
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ecf140c458e9124565e23c9120390f5345374235be46c5d31f2b07ecda95ca1

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hornex.pro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 833d8b07587e18d6-FRA
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 355 B
864 B 115ms
71ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=57&rp_schain=1.0,1!adinplay.com,AMF,1,,,&rf=https%3A%2F%2Fhornex.pro%2F&kw=florr.io%2Cflorr%2Chornex%2Chornex.io%2Chornex.pro%2Cflorr2%2Ciogames%2Cflorrlikegame%2Csurvivaliogame%2Cfreegames%2Conlinegames%2Cflorr.io2&tg_i.domain=hornex.pro&tg_i.page=https%3A%2F%2Fhornex.pro%2F&tg_i.pbadslot=%2F421469808%2C22693443984%2Fhornex.pro_970x250&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=420a07cd61bc9d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C22693443984%2Fhornex.pro_970x250&slots=1&rand=0.7577392361822677
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d109d3914f759c9fbafffe4921cca53ad7f2fecc3d7fb6f5d9d4b4d1a80019ab

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hornex.pro
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 355
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
696 B 80ms
49ms Fetch
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

dbaf971b1bc3869a191bb58647799399a802a0806f6f2fd14b04050ba018477e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
an-x-request-uuid: 871e95e3-acc3-4077-8e51-bac825198c5a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hornex.pro
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.246; 37.58.58.246; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 787 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fa4687da10344e6c984c1abb942c88a69eeedadddde533eda898082a1b43871

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
407 B 34ms
9ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://hornex.pro
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
5 KB 236ms
227ms Fetch
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

379f5b71ef542c340cee93163186121138f8279d0441c34727dcc4d974a1a66e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: gzip
an-x-request-uuid: 5a4b1e75-117e-4d18-beb4-92e2993c1c6a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hornex.pro
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.246; 37.58.58.246; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 31ms
9ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://hornex.pro
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 355 B
692 B 152ms
133ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=10&rp_schain=1.0,1!adinplay.com,AMF,1,,,&rf=https%3A%2F%2Fhornex.pro%2F&kw=florr.io%2Cflorr%2Chornex%2Chornex.io%2Chornex.pro%2Cflorr2%2Ciogames%2Cflorrlikegame%2Csurvivaliogame%2Cfreegames%2Conlinegames%2Cflorr.io2&tg_i.domain=hornex.pro&tg_i.page=https%3A%2F%2Fhornex.pro%2F&tg_i.pbadslot=%2F421469808%2C22693443984%2Fhornex.pro_300x600&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=14dd5850e934836&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C22693443984%2Fhornex.pro_300x600&slots=1&rand=0.5485862251956897
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: af56386ff5ca5ee0b899fd920bb755532c5cf99b0eda9aff71dc74a8d118da27

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hornex.pro
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 355
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 223 B
852 B 110ms
107ms Fetch
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/AMF/hornex.pro/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e43bf32c9b4316bee1b3bb3fedea842d4dae232a00978b77d7209a2fc620f3d0

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hornex.pro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 833d8b07588018d6-FRA
expires: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 54ms
16ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:38:57 GMT
content-encoding: gzip
age: 2524636
x-guploader-uploadid: ABPtcPqNl0_c7mOVHVehFbpvBDCYrlpMq3zlKY0iT8ZNCSTUmKqOFKvvyge5cYXvjpEp3qctN1IhbOKtoVDeGx23F8-Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:38:57 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 47ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 11:56:13 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 26ms
16ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15226
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230088-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vo09CBZqRgQaqQtZda5AEPhybhUO1V16JJqHoGffDkUqpALeXMMi09HtwQrh7H6wEYYFuLPvVexP8ylbh6Wz5s5T7FNywZSLHctuMdISIBXQUqQVVq%2BINeXRc1UHcWHDC8Kfv81GPQyH8Sr1MfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 833d8b077e1a71d0-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
34 KB 48ms
21ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: A1NQNZWYYD8RDPVZ
age: 2123
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 833d8b078e3d1c2e-FRA
x-amz-id-2: uPJIzcgfcqFH+YgEf4wMWt8G4wxOM1qewTig3jxzXzhPxlApJLSAQY3FLpXys8LRgrAOVdUehKfW9g51wad6xg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 80ms
33ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 9de9ddb3d5d302d80142e1ae62b3a0e4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 37ms
8ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 04:16:06 GMT
content-encoding: gzip
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 27608
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: d_BwPuqYNV2H5XeKsTacDhTyHkaQj-u9bBp8R-3l1Lb7urIMwD6-iQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 44ms
8ms Script
text/javascript 2600:9000:2250:a200:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 11 Dec 2023 06:24:16 GMT
Via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 20200
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: xFMpi-GTpxXUYl6SQznVXlAkfQufK5uLsiI-y85SZmvtEtBloz-VJg==

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 117ms
117ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
40 B 115ms
115ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=dwXmZq0O&w=5199475728973824&o=5130683165442048&cv=2.1.26&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fhornex.pro%2F&sid=eaMv9S5Fk&pm=false&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 11:56:13 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 36ms
21ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 11:56:13 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 940203
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgLP7BI9vSjS7gQiziIIuH%2F5HpSxCPhvl49HkL49fcRguTJub7TuMBp2DdcHzfFH6%2FXttyVRBp%2B3304Do7Pj9nmFiY%2B38ZNtL8qRnurYoARloZgQLvuEvr%2BNhwS4aKeAJ2n7se5ehQZuxRPX"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 833d8b07dc3d364b-FRA

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 121ms
30ms XHR
application/json 52.212.5.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-5-247.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e637b439357118ab22219a67b0b238cce9308c0d932abc5e4fc1671fe88614e5

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://hornex.pro
cache-control: no-cache
x-server: 10.45.9.99
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1748 15 KB
6 KB 43ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hornex.pro

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 11:56:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 350599
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
226 B 89ms
9ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hornex.pro
date: Mon, 11 Dec 2023 11:56:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fhornex.pro%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fhornex.pro%2F&rid=esp&cc=1

85 B
195 B

116ms
115ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fhornex.pro%2F&rid=esp&cc=1
Requested by: Host: hornex.pro
URL: https://hornex.pro/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 8873a594d4a5ce6846ccc9314add051589047aa7433702f93e7ce89893ba3731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-4+33lMpy0y3Qw5J4WSK3z+fxUBY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hornex.pro
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 11 Dec 2023 11:56:13 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://hornex.pro
location: /esp?url=https%3A%2F%2Fhornex.pro%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
42 KB 360ms
359ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=339537812284755&correlator=2521700964275675&eid=31077978%2C31079233%2C31079575&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=421469808%3A22693443984%2Chornex.pro_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702295773503&lmt=1702295773&adxs=352&adys=1182&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhornex.pro%2F&vis=1&psz=-1x-1&msz=-1x-1&fws=4&ohw=1600&ga_vid=61625368.1702295773&ga_sid=1702295774&ga_hid=1059023432&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmcHwxcUxSABSAghkEhkKCnB1YmNpZC5vcmcY4sHwxcUxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJnB8MXFMUgAUgIIZBIUCgVvcGVueBiZwfDFxTFIAFICCGQSGQoKdWlkYXBpLmNvbRiZwfDFxTFIAFICCGQSFwoIcnRiaG91c2UYp8LwxcUxSABSAghqEhsKDGlkNS1zeW5jLmNvbRiZwfDFxTFIAFICCGQ.&dlt=1702295772626&idt=665&prev_scp=CDT%3Dno%26richmedia%3Dno%26GS%3DNo%26update_id%3D7.0%252011%252F12%252F23%252011%253A06%25206576df1957745%26FC%3D1%26OS%3DOther%26Conc%3DNo&adks=1505619942&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa4222263ae138931236badd5c5be305eb6bbc72c73baa677c4f0c01c6cfb817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43208
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hornex.pro
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3917 6 KB
3 KB 107ms
49ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 11:56:13 GMT
expires: Tue, 10 Dec 2024 11:56:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 log
api.btloader.com/ 0
0 117ms
116ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/log?tid=dwXmZq0O&cv=2.1.26&sid=eaMv9S5Fk&upapi=true
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://hornex.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 11:56:13 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1748
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hornex.pro&sn=ChromeSyncframe&so=0&topUrl=hornex.pro&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ugMs3nxHUXNSUG5WTDVOMmN1NndySDNFZjdYbFN4UnVsZHB6YTRhb1dud3gxMUlsKzVtQkxBaFZmNW16cVY0aE9VRG9mbzZHdHNYbGVyWlJmUElOdDF2S29OWk1teG9HQzB0M1RuVWQzbTZoYWloTE1sS1Zsd1BvaW5YVW...

412 B
645 B

15ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ugMs3nxHUXNSUG5WTDVOMmN1NndySDNFZjdYbFN4UnVsZHB6YTRhb1dud3gxMUlsKzVtQkxBaFZmNW16cVY0aE9VRG9mbzZHdHNYbGVyWlJmUElOdDF2S29OWk1teG9HQzB0M1RuVWQzbTZoYWloTE1sS1Zsd1BvaW5YVWRZTXZTMXJmdi8yaTExZTh1c3BNbThOcVJISmY0QXUyVlU0b3puY0pYUUdOVE5LVDJjR3RvZVA2RVFXRDZhdlIyN0FLMEJtSkg3MElob2p2SHUyTHVCbjQxbmRKY3FZd21rRjIyOWxZZEk1TUlUakRMQWRZbXBuUVcvUXBzdUZGUzZDVFk1Z0RnaE43VDgxK1pBTjBMZ3krd3lLbW5JRVRkSjRvSWV3VjBFWVJKeUlBT094TT18&cppv=2

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a58569151f5977c353d504872de432189959fe95a06f1d25db0635143605ab3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1057203
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ugMs3nxHUXNSUG5WTDVOMmN1NndySDNFZjdYbFN4UnVsZHB6YTRhb1dud3gxMUlsKzVtQkxBaFZmNW16cVY0aE9VRG9mbzZHdHNYbGVyWlJmUElOdDF2S29OWk1teG9HQzB0M1RuVWQzbTZoYWloTE1sS1Zsd1BvaW5YVWRZTXZTMXJmdi8yaTExZTh1c3BNbThOcVJISmY0QXUyVlU0b3puY0pYUUdOVE5LVDJjR3RvZVA2RVFXRDZhdlIyN0FLMEJtSkg3MElob2p2SHUyTHVCbjQxbmRKY3FZd21rRjIyOWxZZEk1TUlUakRMQWRZbXBuUVcvUXBzdUZGUzZDVFk1Z0RnaE43VDgxK1pBTjBMZ3krd3lLbW5JRVRkSjRvSWV3VjBFWVJKeUlBT094TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 330941
content-length: 0
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
16 KB 467ms
467ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=339537812284755&correlator=1473393361778029&eid=31077978%2C31079233%2C31079575&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=421469808%3A22693443984%2Chornex.pro_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702295773599&lmt=1702295773&adxs=18&adys=111&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhornex.pro%2F&vis=1&psz=-1x-1&msz=-1x-1&fws=4&ohw=1600&ga_vid=61625368.1702295773&ga_sid=1702295774&ga_hid=1059023432&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YmcHwxcUxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjzwvDFxTFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBiZwfDFxTFIAFICCGQSGQoKcHViY2lkLm9yZxjiwfDFxTFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YmcHwxcUxSABSAghkEhQKBW9wZW54GJnB8MXFMUgAUgIIZBIXCghydGJob3VzZRinwvDFxTFIAFICCGo.&dlt=1702295772626&idt=665&prev_scp=CDT%3Dno%26richmedia%3Dno%26GS%3DNo%26update_id%3D7.0%252011%252F12%252F23%252011%253A06%25206576df1957745%26FC%3D1%26OS%3DOther%26Conc%3DNo%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.05%26hb_adid_appnexus%3D1714474607768aa%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D1714474607768aa%26hb_bidder%3Dappnexus&adks=2888201271&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

038e4ef2a3538842e16b6955c361fd834f32679559a2c890bf1a55dc0d6446a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16672
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hornex.pro
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 9BDD 0
0 8ms
8ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1702295773408

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7D65 52 KB
17 KB 29ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 11867
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 11 Dec 2023 11:56:13 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 494, 105801
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230091-FRA
X-Timer: S1702295774.641414,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 586A 281 B
555 B 52ms
16ms Document
text/html 104.84.57.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.57.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-57-247.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Dec 2023 11:56:13 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame FE70 12 KB
5 KB 47ms
47ms Document
text/html 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b870075f71120ac8016dc16fdb3dd48e648383de13949ef9bddb4dd3bf65f04f

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 833d8b092a9818d6-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 11:56:13 GMT
expires: 0
last-modified: Thu, 07 Dec 2023 11:55:37 GMT
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 7D65 0
592 B 53ms
52ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
an-x-request-uuid: 02cd725a-3d6b-4f7f-a4f1-113709daa7ab
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.246; 37.58.58.246; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame FE70 20 KB
7 KB 62ms
45ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://elb.the-ozone-project.com/
Origin: https://elb.the-ozone-project.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 833d8b09ab3f6955-FRA

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 586A 46 KB
13 KB 18ms
18ms Script
text/html 104.84.57.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.57.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-57-247.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf55a1da3ec66a5b28ef68a83c065f86d874ef2d91fb4cfc655a0383235ef5c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 11:56:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Dec 2023 21:40:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34961
Connection: keep-alive
Content-Length: 13232
Expires: Mon, 11 Dec 2023 21:38:54 GMT

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame FE70 8 KB
2 KB 54ms
52ms XHR
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53385ba76339b91a13cfbaf17e61f493953d58e74036195e434b8900648ad7bc

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 833d8b09ab3e18d6-FRA
expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 586A 7 B
380 B 42ms
9ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 120ms
64ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76e4feb3bc74ab587e5f399aec552eb7a1e81c16cd2d6482ba3b016de75e3ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12082
x-xss-protection: 0

POST
H2 204 rum Show response
elb.the-ozone-project.com/cdn-cgi/ Frame FE70 0
160 B 14ms
13ms XHR
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elb.the-ozone-project.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Mon, 11 Dec 2023 11:56:13 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://elb.the-ozone-project.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 833d8b09fba718d6-FRA

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame FE70
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=1...
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZXb43ckwdrB1SQxzmE8S2gAA%265199

0
784 B

45ms
45ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZXb43ckwdrB1SQxzmE8S2gAA%265199
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 833d8b0b7dc118d6-FRA
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBttH2926trF1xkMzh%2FMX%2F2%2BuWtgNZ9LdwQ%2FRzzs%2BSjqsW60D2dZjJwfREvJoigoqcDtFnD4HEkkTboDKSjw1xQlpTzLhW8tM%2FsG2JZdM%2BFyjkMESp0i7J8LeZ0Pp2bIOksKowYS"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZXb43ckwdrB1SQxzmE8S2gAA%265199
cache-control: no-cache
cf-ray: 833d8b0b49561e4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 3420 0
167 B 56ms
20ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 11 Dec 2023 11:56:13 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html Show response
f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA85 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 11:56:13 GMT
expires: Tue, 10 Dec 2024 11:56:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 119ms
77ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 11:56:14 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3C70 624 B
825 B 91ms
54ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYkbSp_wEwAQ&v=APEucNWSs4IyQFZpLSIJEnTZdfTy9bsVV3SKoC03bGXVKgIjBmgobnmaH6kLPIVS5YvihMZuYz4UBB2IjHY-uO-DxA8Ht28CsILzjCbroATswBo6_rZ7wwel93zB-a1On3wtGTQ6-AEuzcKkpoBx18PN9mzVAhG7m3L0ANeBiH119x6yDjQVNLzH8XBAuOQQRKbJiWNWY7BOcmwTit6UTaTBFmL3BhwVLg

Requested by

Host: f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
URL: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 11:56:14 GMT
expires: Mon, 11 Dec 2023 11:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame AA85 24 KB
9 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:00:00 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame AA85 7 KB
3 KB 51ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:08:09 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame AA85 0
0 57ms
56ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvvYpNVSq0Z_T59zoaCkL7doyrFaZGi61oFjyk9K4kO4Y9UiuYSMPd1zOJPRftXLSKh1sJbk8YFGyOhjmlDmTWNU68zg24Pzw1Ig4MFP0-o-2FiO3ysw-os3FgOrRP9ooU3lIbOp57bv4W6cAkKJZjSov_EQlWZkhwtQKKqCg5GayyRGMWg8OylkxdVYIHxY5gzPVyCgP5ngq1Du2Q_CoXULLfbtv78ASloLyw9qDbWTSuyYxYlnwcWHAan3NCH8pJqyzUiWr1Gw_PWPG2feYQZBfBC2PlX-pQTHdj5i2g5xdURZbmzIBAbpJj1GOm9lWj-J3qnfdX4pG7TA_nlWae46BvvoR44LzWnbGQIIZkrS6H49YdfK_XyfjWVDtwtI6SoXelR6F1TQer3nB69pO5Fr_eripXltM5I0JrLPpvNYv0jfO0B3QimlBY0N2MY7WzzFujZwObOJsDwoyWj2pxuF6lJwHIrmRsGPg0E9vy8WIMfdPIFBj8M5xps8D7u70jIncRJL3Rt2YJi1rCXmhR1ULYubHFoTHR04YyLMzAsgKrm6FkaV9SJuTf7Z2eheTP9GQapWIyRPDjfgB_YA3k6DC8d1QHfD_Uok2NB6QRlolV_n_feo2LBuR3mO7N5pWg012E6f4xl0lT68bsCabo_AuEnt0nHrywi5HlbzWP9F2gWcB9G_QtPSgwKinrJFSAFLxRgAs4e2-J-6J6NAbmdD7pnKvHKe4mnS7tLlFuqG06pfa4kpBXJlN5_8GlPVVWWo79JN6c3aOOZ6FJ37nkT_Nz3TuarjJ8W2W1Z-4Fo7VhLhcxtJKagTspuphSumQSNkn_byIB_-lTlZPow59zyCoVH3Ofh_XvUCD-mjLgU4tB3Oq-v3Jg4gyPUJjuJdQrI7xo9wVdIQTadfq0F0BVI4LGfjbla_Kfd9TtFS09G2Xs9HSwUpA7fXyAs0O1HAaGW30bWp4Q-rrzoH67FSQg6G9a630FGHaxsKJaS1H9SD0rZH4TVipc9MHjsWqNkTEp4o76Q0xuEWep7G3Dfm-lDA76qK3d72ouLI-i1zExM9cjW_ECXG47R-42AFAL_60yN9z7QkFQx4-HF-O2vYyQZbyewMW3-ZutAd_E1urPOqtsVYAwcEQFkrCkD9df_HonsJvCacOIj3E1ddVsXRxuNq6TW_h_smdob4TRXW58-xmszPYAVkx4NFKVclnw47Uw22hiN1s3vYWKf8m7oX7iO8NPcyRBJcc0uJ-q7-02KNPZa1Rj6M5p8NZexiFmuBHS4s6ax2bskVyPTN_Y1UhqWOmCKPmyru07QI2QNZrNKwxa_zT1a4GJnNRBW_MLpBWNzZFWYoCASr58t-zqSrOb_t7KSEu7ZAH703ECSkd2ao-Jb4GcV7PJaq9NPYfPmS09kOg&sai=AMfl-YTV5ldT1WtjZxwRQkc6cMK2pjsdIJoa7mB-IeITgaQ0YW9U7DLg-kjGOTkStusQ7It3sKaB4NJay_40clEHga0YFsuFvbN6HGKxKs0-y5kuRHL6-uFP5mrqnf2aJ0VziQf8X_8G_bkLdIjKpMNp8bbYhBqQ2Cjgi5LIvyHaIWUaBUEfy8S1LJv2XZZPD0Gzju6Cnsc3KRLztwQbsmoJKuB7QpEfdBaJJgZl7vLlYjCidxB8bssc-8AV5xL3q9U7rdWsSqTODibsYHnYxk-_G0NwWe7TEJ3jjqAFwMRKG-CuEr_IYYR_j5EhTYG8-pAewwFXc8jzCoG9mCTSDAu1xWCFr831XQ9ZRCgIUaOMHZ-JX2D1zvip6TYHylWnaZfgBT5mJLkdVgm2uO58XwrCyHxaqZreuYXoq8hchuhUTdkEXuO8IvJQvyyfpwGxsGAfNoI4pf_UIKgOBf2TS1rbffMsLVXP2RPeG2CCGE7WmbskbUglLF6_YpwwCklI5GfYiDgGef9BEMjWCw&sig=Cg0ArKJSzADk6CsAGVFSEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92b3guZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231206.51216&arae=0&ftch=1&adurl=

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 11:56:14 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 11 Dec 2023 11:56:14 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AA85 41 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AA85 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
URL: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AA85 20 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
URL: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 23:43:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA85 42 B
63 B 80ms
50ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJVe5mcOefhU6oOHO2yfy2I2ZlI3u7jvTRfn2MCpk9rWwL7krlPG5zLIVb5Qb3pcyOPOEmrRJIY8zFQqFBc2uE0-Ws0uT5e4X0syoBIiLSxlEivFg

Requested by

Host: f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
URL: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA85 202 KB
64 KB 96ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
URL: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 11:56:14 GMT

GET
H2 200 4320923307510298212
s0.2mdn.net/simgad/ Frame AA85 105 KB
105 KB 58ms
16ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4320923307510298212

Requested by

Host: f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
URL: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

210e44cc20f0171336eb0ba7dcd62664b5d3059dc632c75458d040815069f017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:49:01 GMT
x-content-type-options: nosniff
age: 169633
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107334
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 12:15:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 12:49:01 GMT

GET
H2

200

0.gif Show response
id5-sync.com/i/495/ Frame 5A37
Redirect Chain

https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-...
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpb...

43 B
921 B

26ms
10ms

Document
image/gif

162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Requested by

Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 11 Dec 2023 11:56:14 GMT
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length: 494
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 11:56:14 GMT
expect-ct: max-age=0
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 150D 196 KB
56 KB 65ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 15:27:25 GMT
age: 246529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 15:27:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 150D 15 KB
5 KB 87ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 20:29:39 GMT
age: 228395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 20:29:39 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 150D 95 KB
29 KB 89ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 01:47:30 GMT
age: 209324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 150D 5 KB
2 KB 95ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 20:42:11 GMT
age: 227643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 20:42:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 150D 40 KB
13 KB 96ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 10:33:30 GMT
age: 177764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 10:33:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 150D 6 KB
802 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 11:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 11:38:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 11:56:14 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 150D 2 KB
3 KB 17ms
17ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:23 GMT
x-content-type-options: nosniff
server: cafe
age: 54831
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 11 Dec 2023 20:42:23 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 150D 295 B
399 B 18ms
18ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:48:55 GMT
x-content-type-options: nosniff
server: cafe
age: 54439
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 11 Dec 2023 20:48:55 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/2442379733387834034/ Frame 150D 32 KB
32 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2442379733387834034/2076313506083323656

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

938dcb2d5aa46e24cdb337ef1540b0a81e27e44157e344399e49047d7a0c0ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:10:44 GMT
x-content-type-options: nosniff
age: 9930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32325
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 09:13:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 09:10:44 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9318615762696369965/ Frame 150D 2 KB
2 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9318615762696369965/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

633e94ce5d4b4da503b5dddc34e28b794444c1b3ada4476445084e7f8ec7a0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:49:24 GMT
x-content-type-options: nosniff
age: 205610
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1780
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 13:18:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 02:49:24 GMT

GET
DATA 200
OK truncated
/ Frame 150D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 150D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 316c0e205eee79f5863f6fdae5b82470fbff1ae2a3789aae794f588bcb62a820

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DF7F 38 KB
13 KB 13ms
13ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 183871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3C70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjnZRplGisldohkn6zG31E&google_cver=1

43 B
766 B

24ms
23ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjnZRplGisldohkn6zG31E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYkbSp_wEwAQ&v=APEucNWSs4IyQFZpLSIJEnTZdfTy9bsVV3SKoC03bGXVKgIjBmgobnmaH6kLPIVS5YvihMZuYz4UBB2IjHY-uO-DxA8Ht28CsILzjCbroATswBo6_rZ7wwel93zB-a1On3wtGTQ6-AEuzcKkpoBx18PN9mzVAhG7m3L0ANeBiH119x6yDjQVNLzH8XBAuOQQRKbJiWNWY7BOcmwTit6UTaTBFmL3BhwVLg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbHE4rxAbPOnRSz8gijjANZ4tItcuJeVVsm7vP8NtAEUjuf8hKwj9HgTRB%2BVpOkVpzUkO80yWPcACceww5Z8hJrj%2FJIhGi6bA6VsPpUZMb2nkcvPfOhyhVc3wHyAhBfQjU5H5btbkNle9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833d8b0cdeea2c2e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjnZRplGisldohkn6zG31E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3C70
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXb43ckwdrB1SQxzmE8S2gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjnZRplGisldohkn6zG31E&google_cver=1

43 B
738 B

31ms
30ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjnZRplGisldohkn6zG31E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYkbSp_wEwAQ&v=APEucNWSs4IyQFZpLSIJEnTZdfTy9bsVV3SKoC03bGXVKgIjBmgobnmaH6kLPIVS5YvihMZuYz4UBB2IjHY-uO-DxA8Ht28CsILzjCbroATswBo6_rZ7wwel93zB-a1On3wtGTQ6-AEuzcKkpoBx18PN9mzVAhG7m3L0ANeBiH119x6yDjQVNLzH8XBAuOQQRKbJiWNWY7BOcmwTit6UTaTBFmL3BhwVLg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fA5oaqs1MnFmGynlbqqVhSt0RO3BU35G1zQfUcuu3YQDaHtguLihHjc4ckxO%2Fv%2FAKVQhg875sVAyzm43oGqeMB68pD6UA6vyal69LdJns%2BZrb%2FxxbYGn%2FV%2BwAB7%2BCKU%2FbFyzlfb4NBOo7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833d8b0cfefb2c2e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjnZRplGisldohkn6zG31E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3C70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELCFVpFHPN-q69Zx7x-i55g&google_cver=1

43 B
839 B

36ms
35ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELCFVpFHPN-q69Zx7x-i55g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYkbSp_wEwAQ&v=APEucNWSs4IyQFZpLSIJEnTZdfTy9bsVV3SKoC03bGXVKgIjBmgobnmaH6kLPIVS5YvihMZuYz4UBB2IjHY-uO-DxA8Ht28CsILzjCbroATswBo6_rZ7wwel93zB-a1On3wtGTQ6-AEuzcKkpoBx18PN9mzVAhG7m3L0ANeBiH119x6yDjQVNLzH8XBAuOQQRKbJiWNWY7BOcmwTit6UTaTBFmL3BhwVLg

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
an-x-request-uuid: c2e72af7-263d-4b41-927b-1f79cc988b01
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.246; 37.58.58.246; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELCFVpFHPN-q69Zx7x-i55g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3C70
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY4NjI0NjY3ODIyMjI5Mw%3D%3D

170 B
243 B

36ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY4NjI0NjY3ODIyMjI5Mw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
an-x-request-uuid: 06d9b2f3-9e2c-4e5c-9da7-41048fa49549
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY4NjI0NjY3ODIyMjI5Mw%3D%3D
x-proxy-origin: 37.58.58.246; 37.58.58.246; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AA85 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18be4487612bb3a7d97a13c58f8e75f1c6906b2aeafdde43868351fc27337432

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame AA85 0
0 52ms
52ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvvYpNVSq0Z_T59zoaCkL7doyrFaZGi61oFjyk9K4kO4Y9UiuYSMPd1zOJPRftXLSKh1sJbk8YFGyOhjmlDmTWNU68zg24Pzw1Ig4MFP0-o-2FiO3ysw-os3FgOrRP9ooU3lIbOp57bv4W6cAkKJZjSov_EQlWZkhwtQKKqCg5GayyRGMWg8OylkxdVYIHxY5gzPVyCgP5ngq1Du2Q_CoXULLfbtv78ASloLyw9qDbWTSuyYxYlnwcWHAan3NCH8pJqyzUiWr1Gw_PWPG2feYQZBfBC2PlX-pQTHdj5i2g5xdURZbmzIBAbpJj1GOm9lWj-J3qnfdX4pG7TA_nlWae46BvvoR44LzWnbGQIIZkrS6H49YdfK_XyfjWVDtwtI6SoXelR6F1TQer3nB69pO5Fr_eripXltM5I0JrLPpvNYv0jfO0B3QimlBY0N2MY7WzzFujZwObOJsDwoyWj2pxuF6lJwHIrmRsGPg0E9vy8WIMfdPIFBj8M5xps8D7u70jIncRJL3Rt2YJi1rCXmhR1ULYubHFoTHR04YyLMzAsgKrm6FkaV9SJuTf7Z2eheTP9GQapWIyRPDjfgB_YA3k6DC8d1QHfD_Uok2NB6QRlolV_n_feo2LBuR3mO7N5pWg012E6f4xl0lT68bsCabo_AuEnt0nHrywi5HlbzWP9F2gWcB9G_QtPSgwKinrJFSAFLxRgAs4e2-J-6J6NAbmdD7pnKvHKe4mnS7tLlFuqG06pfa4kpBXJlN5_8GlPVVWWo79JN6c3aOOZ6FJ37nkT_Nz3TuarjJ8W2W1Z-4Fo7VhLhcxtJKagTspuphSumQSNkn_byIB_-lTlZPow59zyCoVH3Ofh_XvUCD-mjLgU4tB3Oq-v3Jg4gyPUJjuJdQrI7xo9wVdIQTadfq0F0BVI4LGfjbla_Kfd9TtFS09G2Xs9HSwUpA7fXyAs0O1HAaGW30bWp4Q-rrzoH67FSQg6G9a630FGHaxsKJaS1H9SD0rZH4TVipc9MHjsWqNkTEp4o76Q0xuEWep7G3Dfm-lDA76qK3d72ouLI-i1zExM9cjW_ECXG47R-42AFAL_60yN9z7QkFQx4-HF-O2vYyQZbyewMW3-ZutAd_E1urPOqtsVYAwcEQFkrCkD9df_HonsJvCacOIj3E1ddVsXRxuNq6TW_h_smdob4TRXW58-xmszPYAVkx4NFKVclnw47Uw22hiN1s3vYWKf8m7oX7iO8NPcyRBJcc0uJ-q7-02KNPZa1Rj6M5p8NZexiFmuBHS4s6ax2bskVyPTN_Y1UhqWOmCKPmyru07QI2QNZrNKwxa_zT1a4GJnNRBW_MLpBWNzZFWYoCASr58t-zqSrOb_t7KSEu7ZAH703ECSkd2ao-Jb4GcV7PJaq9NPYfPmS09kOg&sai=AMfl-YTV5ldT1WtjZxwRQkc6cMK2pjsdIJoa7mB-IeITgaQ0YW9U7DLg-kjGOTkStusQ7It3sKaB4NJay_40clEHga0YFsuFvbN6HGKxKs0-y5kuRHL6-uFP5mrqnf2aJ0VziQf8X_8G_bkLdIjKpMNp8bbYhBqQ2Cjgi5LIvyHaIWUaBUEfy8S1LJv2XZZPD0Gzju6Cnsc3KRLztwQbsmoJKuB7QpEfdBaJJgZl7vLlYjCidxB8bssc-8AV5xL3q9U7rdWsSqTODibsYHnYxk-_G0NwWe7TEJ3jjqAFwMRKG-CuEr_IYYR_j5EhTYG8-pAewwFXc8jzCoG9mCTSDAu1xWCFr831XQ9ZRCgIUaOMHZ-JX2D1zvip6TYHylWnaZfgBT5mJLkdVgm2uO58XwrCyHxaqZreuYXoq8hchuhUTdkEXuO8IvJQvyyfpwGxsGAfNoI4pf_UIKgOBf2TS1rbffMsLVXP2RPeG2CCGE7WmbskbUglLF6_YpwwCklI5GfYiDgGef9BEMjWCw&sig=Cg0ArKJSzADk6CsAGVFSEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92b3guZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=124&vt=11&dtpt=122&dett=2&cstd=0&cisv=r20231206.51216&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A1E 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 10:41:57 GMT
expires: Tue, 10 Dec 2024 10:41:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A718 829 B
1 KB 59ms
24ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

949f82402eff95ed4da04bb5949a715e8d23a4fbf7ba4183a598a0e0bae75c97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RSlS2rDrazvVUAqSAcVDhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hornex.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RSlS2rDrazvVUAqSAcVDhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 11:56:14 GMT
expires: Mon, 11 Dec 2023 11:56:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 150D 15 KB
16 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hornex.pro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 242213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 150D 15 KB
15 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hornex.pro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:19:43 GMT
x-content-type-options: nosniff
age: 196591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 05:19:43 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame DF7F 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:45:46 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 150D 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:23 GMT
x-content-type-options: nosniff
server: cafe
age: 54831
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 11 Dec 2023 20:42:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 150D 295 B
319 B 14ms
14ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:48:55 GMT
x-content-type-options: nosniff
server: cafe
age: 54439
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 11 Dec 2023 20:48:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A718 0
0 48ms
47ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=339537812284755&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A1E 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:45:46 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 150D 0
0 59ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaIqV3fh2ZdmvJ76_1PIPy_um2Ajd8IThdLfk06ybEqGQ_MIDEAEgkeLkH2CVgoCAtAegAZWXh6UByAEJqQIBtYEMNhCyPuACAKgDAcgDCqoE-wFP0LG4Xkjja0Q-JO8-ePCzZVCImSVDzfvd8naWTpDe84McpsbT4G6wNb50fHyn-JYAKSCA8mRBg3RygoO9jpFEDDbwZ6-S4N98iL64zipEv3JegMKXso20-IBMh-YdO80ij9315MtW85lu_m1xdF0VjQ8yFw18axF4G7Ua7D2DZohUptM9Q07CCkLdP8kRwXaFZDWxaGGgLq2vzaU0w5ZXV9pajwOe8lowDLg_lVd537FzLb55IAMpenAK1ARhHgAN2gTqGh69Lf10YziiTA3tvvdK2sISnenL_a_wZz5GqR84TS_MDtjcX_58hqbs3aVf4BMYPAEWR1MHqsAEvMDa3sUE4AQBiAXEgsvGTaAGLoAH0-j42gKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDxySvSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WL_Ljveph4MDmglFaHR0cHM6Ly93d3cucmVuZXdldXJvcGVncm91cC5ldS9ldmVudHMvMjAyMy0xMS0xNC9nbG9iYWwtZXVyb3BlLWZvcnVtgAoDyAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLiDRMIooOP96mHgwMVvh9VCB3LvQmLuBPkA9gTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0xNTcwNjYxOTYyODY2OTgxGJD9Eg&sigh=mgNJ-5oWvSk&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNtn_oDxW5saGngWnWuFBsuRVYjSnG92D02q4i-WaejTw3ZrlrPHj4rXvsoL3arvbgS_cHrxX_7pszZmOYyOwJVMheSaLb6N8WN_YYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6A1E 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Y_u37g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF7F 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B54sk3fh2ZaK6IYvN1PIP4oqogAwAAAAAOAHgBAI&bg=!IiGlIW7NAAY3kmNgF5I7ADQBe5WfOKpQFtpaVLoaS9_toDrQa8B94-WpceWNfX0TWERCnFZyfIDyFmIJu0zFVMX4_7UFAgAAAMhSAAAAAmgBB5kDMM2cPORr5RfcDRNU1mbirbsEpMJxQk2USOTH5Q4PO8pHpwCt6nrfjNpumz9MVfL6nDzc3OE-ZAtLBiICqL91_Y3agCgqKuzcOTvvAh3Cq7N-bEBXx2kpO-Ed8B6VNB9KupkP90JDWza1i9IVqB57OH_bD1Qb0l5rgISBond7yn0CxJgBgqLlHe8FZJ8-t2majJ3va9Javp_QsvLT6iHbj_y43mbXMp9x2Dfr_1OEr6N-SpjMHpmGlv_KvXFJBZ8g9iPNQwEUCmoGnoZYJ19c3_ZC2rTUAuYsW1mXd6lVB_EUYXgYSUriRLW5G85CdyGiF-5tJDwygK-MPYKKucNV388WG6TByH4Vsp_rK0msJ-Aj9PjljmFMVzFc9VUWMAYNrfB9G18StZBb6LywZmUVj2eZzYCFO3wC1Rj9BQCuMox8wfioUFOFIXEuMcJgmXlb0PLbVyDNDwgKqR-NxQFn4Ye2MvX_UT3OlFGySmWmJpuClHfi0he-kudxqfKFfgC3ShOtbWTdFox7PuH-J_r4CQva3_c7RDPahPkTNHIYSAgeobxNIRMDelM8QLeAvReJEU8U3GgnPE2VvHSV1w29kfg_s6MzIKb-pqVDv3_5tKR-qGbT0n1vWpyJa9TcJLJRd6HuFsy5UPiExhVWbiP4FZSM9ruPEe6PPPmIF3WtGylvzLlsC1eGbo-NJl1WPg2T7HtQxvFZqLawR8tC90nPoVtxV-l50dRAyMppH1OjIZu4-HSzZF0D4xwOfKrmRyLCw9rYL1-nT0um9IYC2u-J_Ah2Dhz9e2mF_VkeiODrA--TeyH_MOvVMwsIqtYtsGNwKKb1HdH4_HWo2EaS9ozMvLDL124atvRXnNc5eXcGOCkOKHMwgbv4RXCBfjSVfAXuMh6cD18Tro0FbpN4dnCgxH74mI2WZWdAHsI0dBM9w4lADkyX7GeMBMu-dq5CZ4y8GhgqOuUGUVPxKFFf6pH8CX3-921Da5VuO1gXqGocohoqag4vEHzFCJ7dnk6qAK0ah4a_mku1nUJHxsoDYexVG6iPa-kCydQ8gTPbGFGH4vhLDh9e1C68dtf3qdj4AcWkMw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 7D65 0
592 B 15ms
14ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
an-x-request-uuid: 9b88bb9d-97cf-4d23-a622-733ccfabe48b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.246; 37.58.58.246; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ Frame FE70 0
104 B 190ms
101ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

setuid Show response
elb.the-ozone-project.com/ Frame 1A47
Redirect Chain

https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozon...
https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=

0
461 B

50ms
50ms

Document
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 833d8b118d5e18d6-FRA
content-length: 0
date: Mon, 11 Dec 2023 11:56:15 GMT
expires: 0
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
content-length: 0
location: https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
strict-transport-security: max-age=15552000

GET
H2 200 pbs-iframe Show response
pbs-cs.yellowblue.io/ Frame EE3B 0
372 B 278ms
31ms Document
text/html 54.246.157.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.246.157.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-157-113.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://elb.the-ozone-project.com/
content-length: 0
content-type: text/html
date: Mon, 11 Dec 2023 11:56:15 GMT
server: istio-envoy
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 162ms
162ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=339537812284755&bg=!lpWlldrNAAY3kmNgF5I7ADQBe5WfOOOgbbPLZZYM3VZyBKxGQ_8g83xRKSbR0q-KUoeKvAAn4na8VfLXgJ5oBU-xTvqXAgAAALBSAAAAAmgBB5kC5jpwPOz5BKpgo9SgoA3imXdhRbk6OrS4RAtliZ2TfBo8VH9Nb1cBtedfor3Dzgrl0J92sM_eCCL18j8azWyfxUupMWxTW4ut0pFfrEmtim5CTZT7O9EtwQeQs-dlI9UCoDzvSPYQGUTTR6E4mWdlqS7L3NW0MFlt7CyZUW2tL2tWBybUpjNI5TlyDKcu6pAvFiVPG1p0dLcMYWzYw0Ujj8AiQ4fgGdOobupnFDDH7YWsB9KEuRW5wUQr77RafGWtqi1U2oq4hAlUaJmwGwTCMNRD9kwia7J7REi5Ij3U94JWzqPZ2BVaWznTJo_GRFy5coZCKJ99JqWBp5IsYalMeHEcfSWbrBa3RaOS7YigiooZZVXKlIh8ulc2GPpDQycakEOvHItahh5fBSU1XOf9ACUZnetRcQ8FoEpZ50cSacTFXWlQCQQfnS0mkSMSx9c0iJiIjOWNPS__AfjRlU0PXBV_wqbXXonGzr3THhM_BWUl0DfDGR6hVNBfSTa7gYeuPaw79IHtAROT-qS5iWzh4WZr8JAd46t6i1M_031GMiA7UTk3Key826qmT-PWy5zpPf4YwWFCbygWBKjONChM7e0O5VnvkR3wcaGBwCdFlEfHSWchcYiEkAbgUa6V4np2TMP0LW1jf1-BDpPYV2AHYMQ36jr5LRdO9cgmBJC3VGa_wCZsZzHOyW3qwVogToqEBmK56NOCdf036YPWTUzwZYFqaKVPsjXlefS3a47_8RtFMrqazTIOgHbw-RM0I8diCvZhEKY2L87hMbnKfTVuIRZIT9uYyadJOMYFTRO53ZXmCtymToyfp_bIRgDjN27dPNQ4o5yMH87Fq7O5Pgf8WfUybwI57NF64YeypPEa7sKur3td9H17Z72ADwJ_S6jZVhiVx_KvZDAkqEoYllXZT1MJjkkyMt4gTFj02nxuhHYRaP1Lw3R3KSEe-7gsxLgzoZ7AKoWPlSjUB7S-zFPMh1T9HDcl_mg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AA85 42 B
174 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8cCGqWsFxI0GsTS9kJCB7CRhOibLnXkpeQuPnCT5xW6IqxlDLGSS3eItgmuziyXdiGb9wXHv7_NkFFc9EITFooiUaFjrwHM54nnAq8yiFkqaYVP9Bc8qkSRQpWJZ92hjDEUjsg-YqCHU7&sai=AMfl-YQkCwTsyj68NFnWsKmThlU9iDioiVsgn3hUZBuGm9X0YzuctYLF5jBT0XkCZ26GiqPzT-Vfd6Ot3TDlR04Atc9gXQd6jjx-bE9owha0dh5-v2vQ12XIubCjhEu46zEjqecznhuShZOdeWFu01UhFtIKDZmbJQtHwNNX&sig=Cg0ArKJSzJ5_WVLzJBw1EAE&cid=CAQSTwDICaaN1mRgQRLgMW4uOCl6nIyE8jRvG5z4y86a0E6Gbngjx6suFOUzfBmBnVKIhwe2X9Z-NL2aOqqL9i72bmOkGKT6WHe7GFnefv1BvI0YAQ&id=lidar2&mcvt=1005&p=950,352,1200,1322&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1505619942&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702295773940&rpt=267&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: hornex.pro
URL: https://hornex.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cksync.php
hbx.media.net/ Frame FE70 52 B
315 B 271ms
234ms Image
image/gif 23.53.232.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.232.23 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-53-232-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 11 Dec 2023 11:56:15 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 52
x-mnet-hl2: E
expires: Mon, 11 Dec 2023 11:56:15 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 150D 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssei9shjwuWDmnz77t39xorBup_b9acNnVlo5eIha_bRDNso9kR6bfuSY__SRdgO7ziA2EGRQTTvfsXYz7OguePjYINQVAcuh5No3Ba8AXSKm7DvI4b8DveUfbVpamLhtqY0MDMDVV9hnZG4LOeTVM9Z3fkhh_0wNhHTmhERbQL1p3Znkelg68UN97h4JDVPFo_vOGI3HGQYWEXQLcAs0Y_iSUr2VS5_Yc-VQPK63SKjAoDjPIjS9lJCTLuvv5m6CRY6VJseSbQFNDl32VXTOtMWFKIhUHgqKDNgN2BNQMS14DBU1JiJrnwScbNz8qNWLX_mZuBxEs0FoqoDkioYnhu3ncA1C7o-L2PLHs_WiSp0Ivt4XEsMXGdPtIrVsXb3Gpv3aVX7ohilMTy7PjL7xziU5qL3sZPn5uBTOYh7nq_z86DhbLBLJgLnoSfjKtbWNtuQzvnuJiRuX1e-aiElffQ65-JbQgEdqafDjkGZNikNF2mjOS-Vb9hHoA37xAVtK0YqlwAzOm0tbGJutIQl0qVPSAbf1PABt90AFMLZiFCu7Ong9hpzlfM3kwc3efj9PobgNzzA6i-6a-ktf8fkzVScGwHVY9uzZLTX279EYVKLTTRm5WM1pssm4U6aGehtKPcfUp2XAeal9VA5J83jRxvWwMKJcb7u7r3ys492ulIv1i6rLaC4ndHIYLePZNY1UDvQLVwYfLZguExs3d5s_G10Y5SWzVnVQ-6g4ZBfc-xU0maG1sm9opHdODekBAeu0r9jUXBTLq13emhO9Bqa7sj3-q8X6Jjs-mHhODWBMLBN-WNMiw5iGbnY6mfqT6KQQonDHq4bHlLwQRE_7SeVkZDHqSCIwPt5kb7Cc6A0jekSzUGM2ruZ_hJgiZ0AcDEe9Ai0eaQ925IWgMIYx3NN43dCshA8JDuzK69Q1yRtDMabcm3-ZJsgm0qoDznEpmOaff33WvUbA1KoFNmdS2kRLTaIr2LRhZ3WbQ2vAFpROpFUMnO0cwhvkC7Rn_RsV0tIags8-KrM43_AR1GXhMeg4nvDDOEhRh2mwyQZsJVgOMJY8cl5iNozyuzQWNqpKP3Wj-CCo9ZYW4CqeMt9WQVewZ_pktCjK9zVUM_wY2ci9V4XE7iLAGFdxCPlefhz66TOuakCFgO9j9cglgonxmunT2DB45Ik7uxY2AEAfhnNGImiOZolD9YBzYZjoqDkGBE_TcENITlAuE1HOHwY-MQo2jyS-96zkC4N8dUPEESJc8OD7xAHTnBphYUGMPGD4kj_BmOhLXFKRwK82gtGkqJql69MqRjWs3NGw&sai=AMfl-YQFVIOdmhXgHE5mmGt_bVnQXeglV6TcLKOopYtk0EE-LodIu7Hz_JyzxdGYUOdDSi-sABxaabOscLkOpCVxXaaSfqUOVy-cLnwHvRNX5JPw_NLq-ZZnK-1yMGMX7QmsC1t1bLYfHM4IYE8VqsKD0oQXFrMBL9PGOh5Kmg7f04mXsQTGclkyww&sig=Cg0ArKJSzIIsCcvFrVmLEAE&cid=CAQSTwDICaaNtn_oDxW5saGngWnWuFBsuRVYjSnG92D02q4i-WaejTw3ZrlrPHj4rXvsoL3arvbgS_cHrxX_7pszZmOYyOwJVMheSaLb6N8WN_YYAQ&id=ampim&o=18,111&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1009&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&tfs=299&tls=1308&g=100&h=100&tt=1308&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58737/ Frame FE70 0
125 B 37ms
12ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:56:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 PrebidServer
crb.kargo.com/api/v1/dsync/ Frame FE70 43 B
375 B 32ms
8ms Image
image/gif 18.196.74.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.74.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-74-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:15 GMT
x-accel-expires: 0
vary: Origin
x-rejected: consent
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 server_match
ad2.360yield.com/ Frame FE70 43 B
199 B 144ms
31ms Image
image/gif 54.246.168.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.246.168.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-168-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 11:56:15 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET

sync
ads.servenobid.com/ Frame 251E
Redirect Chain

https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26...
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25...
https://ads.servenobid.com/sync?pid=312&uid=5686246678222293&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fb...
https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253...
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsy...
https://ad.turn.com/r/cs?pid=45&rndcb=3786591253
https://sync.1rx.io/usersync/turn/4413469266288474458?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-978cfffd-c220-455a-98ea-02f4974d1366-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-978cfffd-c220-455a-98ea-02f4974d1366-00...
https://ads.servenobid.com/sync?pid=321&uid=RX-978cfffd-c220-455a-98ea-02f4974d1366-003&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-p...
https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redire...
https://ads.servenobid.com/sync?pid=317&uid=2936534965475003591&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%25...
https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%...
https://ads.servenobid.com/sync?pid=353&uid=0000EEA&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253...
https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%25...
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252...
https://ads.servenobid.com/sync?pid=310&uid=HzZMrRZHEmfv8HVvSIyd-c1x&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetu...

0
0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame FE70
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2936534965475003591

0
780 B

47ms
47ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2936534965475003591
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 833d8b229b4118d6-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2936534965475003591
date: Mon, 11 Dec 2023 11:56:17 GMT
content-length: 0

GET
H2 400 /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame FE70 0
0 71ms
18ms Image
text/html 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PDID]
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.146.39 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame FE70
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
https://elb.the-ozone-project.com/setuid?uid=AABQ2U7K7fIAABaF2t95UA&bidder=beeswax

0
875 B

48ms
48ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?uid=AABQ2U7K7fIAABaF2t95UA&bidder=beeswax
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 833d8b248dbf18d6-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?uid=AABQ2U7K7fIAABaF2t95UA&bidder=beeswax
Date: Mon, 11 Dec 2023 11:56:17 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame F0A6 0
0 26ms
17ms Document
text/plain 46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702295773499&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Mon, 11 Dec 2023 11:56:18 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YEF7XWRCWL&gtm=45je3bt0v9129752430&_p=1702295772689&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=61625368.1702295773&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702295773&sct=1&seg=0&dl=https%3A%2F%2Fhornex.pro%2F&dt=Hornex.PRO&en=scroll&epn.percent_scrolled=90&_et=18&tfd=5621
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEF7XWRCWL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hornex.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 11:56:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hornex.pro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: country.adinplay-venatus.workers.dev
URL: https://country.adinplay-venatus.workers.dev/

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=310&uid=HzZMrRZHEmfv8HVvSIyd-c1x&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hornex.pro/	1970-01-21 02:27:35	Name: _ga Value: GA1.1.61625368.1702295773
.hornex.pro/	1970-01-21 02:27:35	Name: _ga_YEF7XWRCWL Value: GS1.1.1702295773.1.0.1702295773.0.0.0
.script.ac/	1970-01-20 16:51:37	Name: __cf_bm Value: NB6dKRnYQxKvwUch8yObw_nQjvKS_yl5D89lrq.qvtY-1702295773-1-AUOlFhMghFGqS9yjokr8A3Hm5PnkcLTS0JO7FoLfM58dqNSAgseEThNKGGoyWm8nojGp9pyOePJPUUr+tq/R5Ms=
.the-ozone-project.com/	1970-01-20 16:51:37	Name: __cf_bm Value: 99pkTAUpPuEheTNBTsr5pIDkIzzCcrjCZjMFHN7nCq0-1702295773-1-AanTK/m7zkFmCrVD5MJX4tZ20wpOL86ZWaa0wiaSaGjTLBQ3YmI+s9HnmpicugP/vSBNO9kKvov/8FXJ5dwe/4M=
.rubiconproject.com/	1970-01-21 01:37:11	Name: khaos Value: LQ0UY950-4-GUK4
.rubiconproject.com/	1970-01-21 01:37:11	Name: audit Value: 1\|naVuGyos1qqhEGcWrw3bZbJGe4Ni1ThWK2euPP2lVg3iXIXbtn90w3C/zTLkfTc97aCoY/nACnB8fW91X/LXPxU4akfPlhj4xMlTS3QW8QAijy0RC4Zd8dAPlTu0R9RN
.criteo.com/	1970-01-21 02:13:11	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:13:11	Name: uid Value: 4bb73a8b-2b7b-43eb-bda0-49c678dc1dbd
.adnxs.com/	1970-01-20 19:01:11	Name: icu Value: ChgIzYVEEAoYASABKAEw3fHbqwY4AUABSAEQ3fHbqwYYAA..
.adnxs.com/	1970-01-20 19:01:11	Name: uuid2 Value: 5686246678222293
.openx.net/	1970-01-21 01:37:11	Name: i Value: d038dd31-be33-4c53-b074-4242a4e4c8dd\|1702295773
.hornex.pro/	1970-01-21 02:13:11	Name: cto_bundle Value: z_8YO19FaEhlQnpOZGc0RXhybFFtWDhQZGM0Vmtub0dXZUdOamM0TTlGeW5kVmJWVzZLTHE5SlEzbXRHWnVUUTRla1JQUjA1VTY4RFZnczVVT2QzTVFXTzVsTFRGRVpwVk9PcHJUaU5iaGQ5N3B4OGw0eTJVdGdocU52NHVNZEYzT0dpR243blh4SUtNQkFzSk9laklqdU9nY1ElM0QlM0Q
.the-ozone-project.com/	1970-01-20 19:01:11	Name: ozone_uid Value: 2ZOaqw7QnC0M8wouUCWt5IVgOvZ
.casalemedia.com/	1970-01-21 01:37:11	Name: CMID Value: ZXb43ckwdrB1SQxzmE8S2gAA
.casalemedia.com/	1970-01-20 19:01:11	Name: CMPS Value: 5199
.casalemedia.com/	1970-01-20 19:01:11	Name: CMPRO Value: 5199
.hornex.pro/	1970-01-21 02:13:11	Name: __gads Value: ID=901752a545e87001:T=1702295773:RT=1702295773:S=ALNI_MbxZkKD3YS4AQluF1zmJit5vnqsZA
.hornex.pro/	1970-01-21 02:13:11	Name: __gpi Value: UID=00000d1383b96b05:T=1702295773:RT=1702295773:S=ALNI_MYPpwxaBZ4edUGaaWwfsAc1E85PjQ
.doubleclick.net/	1970-01-21 02:13:11	Name: IDE Value: AHWqTUkvPezaqCHp1PmcikgIGiJQIb_xS3nleduQsBLUDGN4Elv7JxNv1AhhIc3i
.adnxs.com/	1970-01-20 19:01:11	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVNsg5=5!]tbPl1M>e)ZlrFUfJ+tGXxp$_[lSdVs(#%HT@N3@2$YSHToGMb#q#C`tbs03If)y3KL9D3I?+OrQ>[_
.kargo.com/	1970-01-21 01:37:11	Name: ktcid Value: c196f0be-c37b-0283-54e8-07c699a6159a
.servenobid.com/	1970-01-20 17:01:40	Name: pid_312 Value: 5686246678222293
.turn.com/	1970-01-20 21:10:47	Name: uid Value: 4413469266288474458
.1rx.io/	1970-01-21 01:37:11	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-978cfffd-c220-455a-98ea-02f4974d1366-003%22%7D
.targeting.unrulymedia.com/	1970-01-21 01:37:11	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-978cfffd-c220-455a-98ea-02f4974d1366-003%22%7D
.servenobid.com/	1970-01-20 17:01:40	Name: pid_321 Value: RX-978cfffd-c220-455a-98ea-02f4974d1366-003
.smartadserver.com/	1970-01-21 02:21:50	Name: pid Value: 2936534965475003591
.servenobid.com/	1970-01-20 17:01:40	Name: pid_317 Value: 2936534965475003591
.servenobid.com/	1970-01-20 17:01:40	Name: pid_353 Value: 0000EEA
.lijit.com/	1970-01-21 01:37:11	Name: ljt_reader Value: HzZMrRZHEmfv8HVvSIyd-c1x
.lijit.com/	1970-01-21 01:37:11	Name: _ljtrtb_273657 Value: 273657
.servenobid.com/	1970-01-20 17:01:40	Name: pid_310 Value: HzZMrRZHEmfv8HVvSIyd-c1x
.bidr.io/	1970-01-21 02:20:05	Name: bito Value: AABQ2U7K7fIAABaF2t95UA
.bidr.io/	1970-01-21 02:20:05	Name: bitoIsSecure Value: ok
.the-ozone-project.com/	1970-01-20 19:01:11	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJiZWVzd2F4Ijp7InVpZCI6IkFBQlEyVTdLN2ZJQUFCYUYydDk1VUEiLCJleHBpcmVzIjoiMjAyMy0xMi0yNVQxMTo1NjoxOC4wMjY5ODExMDRaIn0sIml4Ijp7InVpZCI6IlpYYjQzY2t3ZHJCMVNReHptRThTMmdBQVx1MDAyNjUxOTkiLCJleHBpcmVzIjoiMjAyMy0xMi0yNVQxMTo1NjoxNC4wMjExMzA0OTFaIn0sInNtYXJ0Ijp7InVpZCI6IjI5MzY1MzQ5NjU0NzUwMDM1OTEiLCJleHBpcmVzIjoiMjAyMy0xMi0yNVQxMTo1NjoxNy43MTg2NTM3NDFaIn19LCJiZGF5IjoiMjAyMy0xMi0xMVQxMTo1NjoxNC4wMjExMjYzOTlaIn0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PDID] Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad2.360yield.com
ads.servenobid.com
api.adinplay.com
api.btloader.com
bcp.crwdcntrl.net
btloader.com
cadmus.script.ac
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
country.adinplay-venatus.workers.dev
crb.kargo.com
dsum-sec.casalemedia.com
elb.the-ozone-project.com
eus.rubiconproject.com
f6f4a0d07256345d3fd02984b368e884.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hbx.media.net
hornex.pro
i.clean.gg
i.ytimg.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ipapi.co
match.prod.bidr.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pbs-cs.yellowblue.io
prebid-match.dotomi.com
region1.google-analytics.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.hornex.pro
sync.inmobi.com
sync.richaudience.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
usermatch.targeting.unrulymedia.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ads.servenobid.com
country.adinplay-venatus.workers.dev
104.18.43.178
104.84.57.247
130.211.23.194
142.250.181.230
142.250.184.194
151.101.1.108
162.19.138.82
168.119.146.39
172.64.151.101
18.196.74.146
185.89.210.82
20.127.253.7
2001:4860:4802:32::36
23.53.232.23
2600:9000:2250:a200:a:e047:753:a221
2602:803:c003:200::21
2606:4700:10::6816:3556
2606:4700:10::6816:4bd8
2606:4700:20::681a:246
2606:4700:20::681a:2e8
2606:4700:20::681a:8a9
2606:4700:20::681a:c82
2606:4700:20::681a:d82
2606:4700:20::ac43:45e2
2606:4700::6810:3965
2606:4700::6810:5714
2606:4700::6812:1791
2a00:1450:4001:806::2002
2a00:1450:4001:811::2006
2a00:1450:4001:811::2016
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:21::1690
3.71.149.231
34.102.146.192
34.120.135.53
34.95.69.49
34.96.70.87
35.244.159.8
46.228.174.117
51.89.9.251
52.210.96.209
52.212.5.247
54.246.157.113
54.246.168.82
65.9.66.68
69.173.144.165
81.17.55.109
038e4ef2a3538842e16b6955c361fd834f32679559a2c890bf1a55dc0d6446a9
0713adb0392ce6dcf82357b62027b0e9caae4b4f6f657aeaf7b70536943d2044
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
18be4487612bb3a7d97a13c58f8e75f1c6906b2aeafdde43868351fc27337432
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
210e44cc20f0171336eb0ba7dcd62664b5d3059dc632c75458d040815069f017
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316c0e205eee79f5863f6fdae5b82470fbff1ae2a3789aae794f588bcb62a820
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
379f5b71ef542c340cee93163186121138f8279d0441c34727dcc4d974a1a66e
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e915ffbedc6ae01ab56af4efd2a95490d633e0405e1c0718c7817f6937118d1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d0c74da6c47246a8fc559fa8fcdd92c0a4717e568dc490f65a4e6436eb7549
424eaae686fe6a5dd0a4db4a43b8872d1bf94eac8489c2a80af74fbc8f722ee1
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
53385ba76339b91a13cfbaf17e61f493953d58e74036195e434b8900648ad7bc
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633e94ce5d4b4da503b5dddc34e28b794444c1b3ada4476445084e7f8ec7a0f1
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7671af12193bc0e69b064be9f72c7f9575e100c5dada590e3ad84f35fa6c9197
76e4feb3bc74ab587e5f399aec552eb7a1e81c16cd2d6482ba3b016de75e3ccd
7ecf140c458e9124565e23c9120390f5345374235be46c5d31f2b07ecda95ca1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
86472d004fe7402198af480a6921e1ebff5e125fe094b536cefd114a78049947
8873a594d4a5ce6846ccc9314add051589047aa7433702f93e7ce89893ba3731
8fa4687da10344e6c984c1abb942c88a69eeedadddde533eda898082a1b43871
92b7e42f51c6ebceb5e2e887f859c8389e4fc16444489532cd075c61e12855b9
938dcb2d5aa46e24cdb337ef1540b0a81e27e44157e344399e49047d7a0c0ddd
949f82402eff95ed4da04bb5949a715e8d23a4fbf7ba4183a598a0e0bae75c97
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a520038e42ce401183c7d2652049dbd26303969c752b2e7cc96301867231b1e0
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58569151f5977c353d504872de432189959fe95a06f1d25db0635143605ab3f
aa4222263ae138931236badd5c5be305eb6bbc72c73baa677c4f0c01c6cfb817
abcd202cecd6086c73fa490c63f2e7abc40891b96ab9a4218a1e7ae0587076c3
af56386ff5ca5ee0b899fd920bb755532c5cf99b0eda9aff71dc74a8d118da27
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b870075f71120ac8016dc16fdb3dd48e648383de13949ef9bddb4dd3bf65f04f
bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716
bf55a1da3ec66a5b28ef68a83c065f86d874ef2d91fb4cfc655a0383235ef5c9
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ca76180c2133d7d13de82a1b213bb4d0d1556d2cfd8c5fea78032f3724ec951f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d109d3914f759c9fbafffe4921cca53ad7f2fecc3d7fb6f5d9d4b4d1a80019ab
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbaf971b1bc3869a191bb58647799399a802a0806f6f2fd14b04050ba018477e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43bf32c9b4316bee1b3bb3fedea842d4dae232a00978b77d7209a2fc620f3d0
e637b439357118ab22219a67b0b238cce9308c0d932abc5e4fc1671fe88614e5
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
eb46a46f643895746cfe3e2e199278b0154edfb75cecb1132df74f47b84d67b5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee723c09fbee7c8fcf5a3afe8b3c1af028fe9f148cd0dc78ebe4497c3250db9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

hornex.pro Open in urlscan Pro 2606:4700:20::681a:d82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

91 %HTTPS

52 %IPv6

47 Domains

63 Subdomains

55 IPs

8 Countries

1556 kBTransfer

5125 kBSize

35 Cookies

0 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hornex.pro Open in urlscan Pro
2606:4700:20::681a:d82 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

91 %
HTTPS

52 %
IPv6

47
Domains

63
Subdomains

55
IPs

8
Countries

1556 kB
Transfer

5125 kB
Size

35
Cookies

127 HTTP transactions
4 data transactions