urlscan.io logo urlscan.io
SecurityTrails logo

graham-wjxt.zeustechnology.com Open in urlscan Pro
65.9.63.83  Public Scan

Go To Rescan Add Verdict Report
URL: https://graham-wjxt.zeustechnology.com/
Submission: On May 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 5 countries across 20 domains to perform 114 HTTP transactions. The main IP is 65.9.63.83, located in United States and belongs to AMAZON-02, US. The main domain is graham-wjxt.zeustechnology.com. The Cisco Umbrella rank of the primary domain is 351622.
TLS certificate: Issued by Amazon on April 15th 2022. Valid for: a year.
This is the only time graham-wjxt.zeustechnology.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 65.9.63.83 16509 (AMAZON-02)
1 2.20.157.55 16625 (AKAMAI-AS)
13 142.250.185.162 15169 (GOOGLE)
4 4 162.248.18.11 62713 (AS-PUBMATIC)
3 3 142.250.184.194 15169 (GOOGLE)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
1 159.122.14.34 36351 (SOFTLAYER)
2 216.52.2.39 30282 (AS-INAPCD...)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 37.252.172.37 29990 (ASN-APPNEX)
1 104.92.100.195 16625 (AKAMAI-AS)
1 204.237.133.116 62713 (AS-PUBMATIC)
1 2602:803:c004... 26667 (RUBICONPR...)
1 35.71.131.137 16509 (AMAZON-02)
9 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 37.252.173.27 29990 (ASN-APPNEX)
1 2600:9000:231... 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 18.156.107.10 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 143.204.98.74 16509 (AMAZON-02)
9 3.67.119.217 16509 (AMAZON-02)
114 29
3    65.9.63.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-83.fra56.r.cloudfront.net
graham-wjxt.zeustechnology.com
1    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
js-sec.indexww.com
13    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
4    162.248.18.11 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
webc2s.pubgw.yahoo.com
1    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    104.92.100.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-195.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    204.237.133.116 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
9    2a00:1450:4014:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3d56026a4609568943187b9a88d1e075.safeframe.googlesyndication.com
19    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
15    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
1    2600:9000:2315:da00:11:99d8:dfc0:21 (United States)

ASN16509 (AMAZON-02, US)
do69ll745l27z.cloudfront.net
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    18.156.107.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-107-10.eu-central-1.compute.amazonaws.com
ads.celtra.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    143.204.98.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-74.fra50.r.cloudfront.net
cache-ssl.celtra.com
9    3.67.119.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
track.celtra.com
Apex Domain
Subdomains		 Transfer
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
3d56026a4609568943187b9a88d1e075.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
184 KB
18 celtra.com
ads.celtra.com — Cisco Umbrella Rank: 3795
cache-ssl.celtra.com — Cisco Umbrella Rank: 4530
track.celtra.com — Cisco Umbrella Rank: 4343
167 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
188 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 344
325 KB
7 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 609
image2.pubmatic.com — Cisco Umbrella Rank: 932
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446
2 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 7
1 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7769
cdn.adnxs.com — Cisco Umbrella Rank: 1420
39 KB
4 gstatic.com
fonts.gstatic.com
87 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
4 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
125 KB
3 zeustechnology.com
graham-wjxt.zeustechnology.com — Cisco Umbrella Rank: 351622
77 KB
2 yahoo.com
webc2s.pubgw.yahoo.com — Cisco Umbrella Rank: 416836
662 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
5 KB
1 cloudfront.net
do69ll745l27z.cloudfront.net
44 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7678
792 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
401 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
2 KB
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 477
362 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
612 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 658
26 KB
114 20
Domain Requested by
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
graham-wjxt.zeustechnology.com
tpc.googlesyndication.com
cdn.ampproject.org
15 cdn.ampproject.org securepubads.g.doubleclick.net
13 securepubads.g.doubleclick.net graham-wjxt.zeustechnology.com
securepubads.g.doubleclick.net
www.googletagservices.com
9 track.celtra.com
9 pagead2.googlesyndication.com graham-wjxt.zeustechnology.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 cache-ssl.celtra.com ads.celtra.com
5 www.google.com 1 redirects graham-wjxt.zeustechnology.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 fra1-ib.adnxs.com graham-wjxt.zeustechnology.com
cdn.adnxs.com
4 fonts.googleapis.com securepubads.g.doubleclick.net
4 image8.pubmatic.com 4 redirects
3 www.googletagservices.com securepubads.g.doubleclick.net
3 cm.g.doubleclick.net 3 redirects
3 graham-wjxt.zeustechnology.com graham-wjxt.zeustechnology.com
2 webc2s.pubgw.yahoo.com graham-wjxt.zeustechnology.com
2 ap.lijit.com graham-wjxt.zeustechnology.com
2 image2.pubmatic.com 2 redirects
1 googleads.g.doubleclick.net graham-wjxt.zeustechnology.com
1 ads.celtra.com graham-wjxt.zeustechnology.com
1 cdn.adnxs.com graham-wjxt.zeustechnology.com
1 do69ll745l27z.cloudfront.net graham-wjxt.zeustechnology.com
1 3d56026a4609568943187b9a88d1e075.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 match.adsrvr.org js-sec.indexww.com
1 fastlane.rubiconproject.com graham-wjxt.zeustechnology.com
1 hbopenbid.pubmatic.com graham-wjxt.zeustechnology.com
1 htlb.casalemedia.com graham-wjxt.zeustechnology.com
1 ib.adnxs.com graham-wjxt.zeustechnology.com
1 um.simpli.fi graham-wjxt.zeustechnology.com
1 js-sec.indexww.com graham-wjxt.zeustechnology.com
114 31

This site contains no links.

Subject Issuer Validity Valid
*.zeustechnology.com
Amazon		 2022-04-15 -
2023-05-14		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-05-02 -
2022-06-22		 2 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
celtra.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://graham-wjxt.zeustechnology.com/
Frame ID: 274C680198AAD64FD7D74A3BB3D1146D
Requests: 34 HTTP requests in this frame

Frame: https://3d56026a4609568943187b9a88d1e075.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F565DEF50F380EC9163B4FC9AA36DAF9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Frame ID: C091D421BBA370F62CD4FC0BFACED63C
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumX5yMFoFWZGCLyTULZWjPNfkGkF5YZSep00YcsW-EUOVRsaN72dlMLv484M6P7CSfwyPHvs-97LdJiS-JBPiIdx5sGP19hJAt8HEALuo0aWZVJEp02tq-IKDZUaclwApQ3XWtHZmN_1ZKidpNoKQkvAn1vm_TuAfuMXVnMsI2eGuBM_sZO1XFTdQV3k9U4RnOSxTNAG1ZttU_wROehBHIEL5GuyjkA-E_F778PGpyxIPMHd05OfIy6EVRfyHskgZ0oN4bhliwHPabr6jauv8bO3_6-IBae7H0fqU5AYkSURgdOTPKo36YLAOrUqU5fN6HmsGQyo3zeDEaBHFJzq0J-A&sig=Cg0ArKJSzFQ5rM-TKp6VEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DE62285755BE365933210AAE19845361
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Frame ID: 9FB0239C96E63A2B51D3AB7758D6B0EF
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbrsBdPsVzwN5xL-wIstv-HyYWCD-vuWb7JMluXrd4dJIsAA3V6qJxAWKrlCMIHhBCmGb67fX92tCCq12vTLwrKa4ZjjaE-TGDrcCAa3y2NQFWqsNbEc1mrSHmZdTXVnLh6c7yTv76WUMqbeszFwzJhBfyuQis3sHXirnAm-urn1LBJPZfipQ5I0vNsa2CKbinplJ5uBcmYRMKYQKUyF4AHMLJzzyqaq7VCNOjokKAYHf-m5Vzcj-Iwb2RhQItF3aNdhTYtobsYmJ6ZlLQuweDGtJIBqoyy1l-aTIKmuHr7PoAeyj9q61-5ge6rpm-s_t0QJqHkz2GiGOQxjYhKQ&sig=Cg0ArKJSzA366bkpEnOrEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9D374796F91ED1910DD56823D7EC2846
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Frame ID: B8D9316D91B0AF60DBFFE004D63E71E7
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscrOdzkomM7PDS5OA2w9FE3rJ7oI11gPWA8etdlVnFCKaxYi6NPn0eqbN4l7E2UHsf2t3sS9agiMBMC_lqEkdVPgM2f-7OXCh_q_6Pvl5M3HR73sJddhlZNKDEeYZFAtjM7yJkJoTzv0ScXc9xumKBRj-zSBfgOrl8oIaZkCgNK0jXa3b9exuQYrRcMgmhRTfB1jhBzYWLtLZcXCfVs6ixcE6KsaKeteaPc9-vIW4uh2MzgyFxTWUn-kI3mLK-ovCbciU_K04TcYfZT8R9b9tX86666z9rEGX1wUwc6vOwZqpH6SAKgyo7vSfqc8M-kuHsU5ZAbwwQA_6EjC_blg&sig=Cg0ArKJSzLy9Fg5yghaUEAE&uach_m=[UACH]&adurl=
Frame ID: 06E51104C1A38B8FBB45F4C69ECBA05C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C41E808DC513FD98D0A4E8BC6FF44F9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7AEAB0CD6D86D1BE27F3154B661054E
Requests: 2 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/google/Roboto:300/3_webfont.woff2?subset=ADENPX
Frame ID: 7FA09E51A2F37C0B1B4B7D965817526C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

graham-wjxt Test Index Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

114
Requests

97 %
HTTPS

45 %
IPv6

20
Domains

31
Subdomains

29
IPs

5
Countries

1277 kB
Transfer

3638 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161044&mpc=4&fp=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161044&mpc=4&fp=1&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ3QkEwOTYtRDRDNi00MjFBLTlDOTYtRDY1QjU4MzhFQjcw&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ3QkEwOTYtRDRDNi00MjFBLTlDOTYtRDY1QjU4MzhFQjcw&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFfXIYWhXw7oyOfH2DXFGMo&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 88
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
graham-wjxt.zeustechnology.com/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://graham-wjxt.zeustechnology.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77127ee6b7169577d071cc806cc157598e7d86b1d4d99835d6c69558aa02808c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600,s-maxage=3600
content-encoding
gzip
content-type
text/html
date
Wed, 25 May 2022 18:09:17 GMT
etag
W/"8c4377f2727b00878ef67c11b4730999"
last-modified
Mon, 23 May 2022 16:51:03 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
x-amz-cf-id
VcCdYzSa9DCmb0Iae5f36xbpeapq17hza42S2Hg_Z0-qoTgTJo-iiw==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
N9ltI9yMxC0yIy6rWai.qTjquicsLnSW
x-cache
RefreshHit from cloudfront
main.js
graham-wjxt.zeustechnology.com/ 		236 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://graham-wjxt.zeustechnology.com/main.js
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adf2e17fca13bd3d731209ed1aedc8f33eda350e8456ce2a32e62577d776d574

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
C5tfS465qXVCyJ1MHnzwJRzLQ0uLAdow
content-encoding
br
last-modified
Mon, 23 May 2022 16:51:02 GMT
server
AmazonS3
age
61
etag
W/"e6daa7edd4fa8ac417bd0cc161c25c02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control
max-age=600,s-maxage=3600
date
Wed, 25 May 2022 18:09:16 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
WhtJ5atvnHkTYqzNuyL6fZSRXn2kODO0g6Zl9sbGVySdOjpPORLYIA==
192789-135758754412126.js
js-sec.indexww.com/ht/p/ 		85 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/192789-135758754412126.js
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
035a862ce3d6630dd76876ef5ed7b94d8d24b352317e462faf4e3142dd51b8d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 18:09:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 May 2022 17:25:36 GMT
Server
Apache
ETag
"904dab-15466-5dfd95c81be81"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1165
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
26345
Expires
Wed, 25 May 2022 18:28:41 GMT
iris-main.js
graham-wjxt.zeustechnology.com/iris/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://graham-wjxt.zeustechnology.com/iris/iris-main.js
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4cd9dc48f529174f1c5240d963a4a4f3c7e48d9d4908607e02daecfbf1b6f050

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
lwwA3AK6gd3JuGMfu7K.pK4yC8QmDjh.
content-encoding
br
last-modified
Wed, 14 Jul 2021 16:43:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"d7ffba33d9d2044804420cfe39ec5215"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control
max-age=60,s-maxage=60
date
Wed, 25 May 2022 18:09:17 GMT
x-amz-cf-id
vm6w0aPufQZTiGXgKCqjQ9ozlvLQZm7tzqGGh0-AYADpZETlDERBMA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
db0d710a580dc90764c4f5f253d734e6c8e5f938ebd12a62fb95b34ba1e06535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:09:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28686
x-xss-protection
0
server
sffe
etag
"1226 / 895 of 1000 / last-modified: 1653493294"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 May 2022 18:09:16 GMT
pubmatic
um.simpli.fi/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161044&mpc=4&fp=1
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161044&mpc=4&fp=1&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ3QkEwOTYtRDRDNi00MjFBLTlDOTYtRDY1QjU4MzhFQjcw&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ3QkEwOTYtRDRDNi00MjFBLTlDOTYtRDY1QjU4MzhFQjcw&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFfXIYWhXw7oyOfH2DXFGMo&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:09:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 24 May 2022 18:09:17 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Wed, 25 May 2022 18:09:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
pubads_impl_2022051901.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 14:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127573
x-xss-protection
0
last-modified
Thu, 19 May 2022 08:36:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 25 May 2023 14:46:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		52 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=graham-wjxt.zeustechnology.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e9fbcdf651a938d0c3ddfe6a72dc73cb13473ef40fc9783d7f470981324b2294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66
x-xss-protection
0
expires
Wed, 25 May 2022 18:09:16 GMT
bid
ap.lijit.com/rtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://graham-wjxt.zeustechnology.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
https://graham-wjxt.zeustechnology.com
Allow
HEAD,POST,GET,OPTIONS
Content-Length
24
Content-Type
text/plain
Date
Wed, 25 May 2022 18:09:16 GMT
X-Sovrn-Pod
ad_ap7ams1
zeus
webc2s.pubgw.yahoo.com/pubgw/v1/hb/web/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webc2s.pubgw.yahoo.com/pubgw/v1/hb/web/zeus
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://graham-wjxt.zeustechnology.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://graham-wjxt.zeustechnology.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 25 May 2022 18:09:16 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=15552000
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
x-request-id
b182df7a-6188-4392-869f-7b2bdb73e704
x-xss-protection
1; mode=block
prebid
ib.adnxs.com/ut/v3/ 		21 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c47e2e777f3111599b220688e217c8dcb5cea4f8b06dc19dc70cc2034823d7c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://graham-wjxt.zeustechnology.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 May 2022 18:09:16 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8d5f01d4-d63f-40d7-9e1e-dcd5e10adbd4
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://graham-wjxt.zeustechnology.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		58 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?ac=j&s=661808&v=7.2&sd=1&r=%7B%22id%22%3A%22c79a6f13-6b15-49b7-841e-af9a4272ab6a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22b782ea3fb7b52d49%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661821%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_AUTO_INCREASE1%22%7D%7D%7D%2C%7B%22id%22%3A%22df21c392c27570d0%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22661822%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661822%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_DISPLAY1%22%7D%7D%7D%2C%7B%22id%22%3A%22c94dcb3636dbd1d3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22661822%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661822%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_DISPLAY1%22%7D%7D%7D%2C%7B%22id%22%3A%22029c3004eec04bb8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%2C%7B%22id%22%3A%2225473cc8a3531a13%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%2C%7B%22id%22%3A%229358ca614c09f622%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%2C%7B%22id%22%3A%22bf0a6e026cbc5cd2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%2C%7B%22id%22%3A%2252c8a3ffe51ff30b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A40%2C%22ext%22%3A%7B%22siteID%22%3A%22661823%22%7D%7D%5D%2C%22ext%22%3A%7B%22gpid%22%3A%2215466288%2Fzeus_LEADER_BOARD1%22%7D%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F%22%2C%22ref%22%3A%22%22%7D%7D
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
88ddf9583a3464bbc090bc64d9c9b82f0d837876105de35231fcacd9adced8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 18:09:17 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.3], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://graham-wjxt.zeustechnology.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
58
x-ak-client-geo
12
expires
Wed, 25 May 2022 18:09:17 GMT
translator
hbopenbid.pubmatic.com/ 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graham-wjxt.zeustechnology.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://graham-wjxt.zeustechnology.com
date
Wed, 25 May 2022 18:09:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		507 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16482&site_id=349420&tk_flint=custom&slots=3&size_id=2%3B15%3B2&alt_size_ids=%3B10%3B55%2C57%2C113&zone_id=1856174%3B1856172%3B1856170&rp_floor=0.01&p_gpid=15466288%2Fzeus_AUTO_INCREASE1%3B15466288%2Fzeus_DISPLAY1%3B15466288%2Fzeus_LEADER_BOARD1
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
98803d362dff83f33ffa04fd5aab706abf7bdde4cc789071559200a0d04570b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:16 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://graham-wjxt.zeustechnology.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
507
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c8f4fb8fa18fa71de65cc75e58e343c49fa6aed7e75046d1482bb9920c17d51d

Request headers

Referer
https://graham-wjxt.zeustechnology.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 25 May 2022 18:09:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://graham-wjxt.zeustechnology.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
4132
zeus
webc2s.pubgw.yahoo.com/pubgw/v1/hb/web/ 		0
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webc2s.pubgw.yahoo.com/pubgw/v1/hb/web/zeus
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://graham-wjxt.zeustechnology.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 25 May 2022 18:09:17 GMT
x-content-type-options
nosniff
age
1
x-envoy-upstream-service-time
107
strict-transport-security
max-age=15552000
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-xss-protection
1; mode=block
x-request-id
5c42ef78-007e-453d-8d95-8d521db2f708
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-max-age
600
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://graham-wjxt.zeustechnology.com
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
rid
match.adsrvr.org/track/ 		63 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=192789
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/192789-135758754412126.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f04c12be1ce18ec284f153f56dddc99cf40dca5440ec6e401359b86a0c90fec3

Request headers

Referer
https://graham-wjxt.zeustechnology.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 25 May 2022 18:09:16 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://graham-wjxt.zeustechnology.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 24 Jun 2022 18:09:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=4472039380596488&vrg=2022051901&nw_id=15466288&nslots=6&eid=31067485%2C31064019&pub_url=https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F&fc=0&tcfv1=0&tcfv2=0&usp=0&ptt=17
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 18:09:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=graham-wjxt.zeustechnology.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=graham-wjxt.zeustechnology.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		232 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4472039380596488&correlator=2921787134356438&eid=31067485%2C31064019&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=15466288%2CWJXT%2CWEB%2CTOP_STORIES&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%2C320x50%7C300x600%7C300x250%2C320x50%7C728x90%7C970x250%7C970x90%7C1000x300%7C1000x40%2C1x1%2C320x50%7C300x600%7C300x250%2C320x50%7C728x90&fluid=height%2Cheight%2Cheight%2C0%2Cheight%2Cheight&ifi=1&adks=1890678921%2C622255232%2C4063884295%2C2483972560%2C957652000%2C226606345&sfv=1-0-38&ecs=20220525&fsapi=false&prev_scp=zeus_rendercount%3D1%26zeus_slot%3Dzeus_AUTO_INCREASE1.init.dsk%26zeus_sovrn%3D3%26zeus_auctionid_sovrn%3D7ac2a1a199fe45b6%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_DISPLAY1.init.dsk%26zeus_appnexus%3D32%26zeus_auctionid_appnexus%3D929c51542fba0256%26zeus_sovrn%3D2%26zeus_auctionid_sovrn%3Da661a6194763d91f%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_LEADER_BOARD1.init.dsk%26zeus_appnexus%3D29%26zeus_auctionid_appnexus%3D2a9529e0e159cdf6%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_PIXEL.init.dsk%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_PREMIUM1.init.dsk%7Czeus_rendercount%3D1%26zeus_slot%3Dzeus_PREMIUM_BANNER1.init.dsk&eri=1&cust_params=zeus%3Dapplied%26zeus_15466288%3Dgraham-wjxt.zeustechnology.com%26url%3Dhttp%253A%252F%252Fwww.my-site.com%252F%26pl%3Dhomepage%26foo%3Dbar&sc=1&cookie_enabled=1&abxe=1&dt=1653502157400&lmt=1653324663&dlt=1653502156394&idt=200&biw=1600&bih=1200&adxs=800%2C800%2C800%2C800%2C800%2C800&adys=348%2C417%2C487%2C1157%2C1227%2C1297&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1544x69%7C1544x69%7C1544x69%7C1544x69%7C1544x69%7C1544x69&msz=1x0%7C1x0%7C1x0%7C1x0%7C1x0%7C1x0&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1218102509.1653502157&ga_sid=1653502157&ga_hid=357649236&ga_fc=false&btvi=0%7C0%7C0%7C0%7C1%7C2&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
382d4501beb8731af26083ba2b930c569355b8ec054f9ca9e21fd07dc6fa8003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:09:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34981
x-xss-protection
0
google-lineitem-id
-1,5432212295,-1,6023264127,-1,5892256279
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138317865560,-1,138392599865,-1,138378960562
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://graham-wjxt.zeustechnology.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d56026a4609568943187b9a88d1e075.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F565 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d56026a4609568943187b9a88d1e075.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://graham-wjxt.zeustechnology.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 18:09:17 GMT
expires
Thu, 25 May 2023 18:09:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8610ccfc3124d7e6c1519fe8525fe296f9add00c225c4a00a1bfde6da46a10a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10686
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 May 2022 18:09:17 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012205161914000/ Frame C091 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
120220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61456
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 08:45:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42b814baf88beb20"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 08:45:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame C091 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5191
x-xss-protection
0
server
sffe
date
Mon, 23 May 2022 17:09:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3630c4be819f8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 May 2023 17:09:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame C091 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28900
x-xss-protection
0
server
sffe
date
Mon, 23 May 2022 17:09:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ccce7ec6c76e0017"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 May 2023 17:09:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame C091 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1905
x-xss-protection
0
server
sffe
date
Mon, 23 May 2022 17:09:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"862cd07357fd06d9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 May 2023 17:09:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame C091 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12945
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2cd215bb1afb4615"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:07:06 GMT
css
fonts.googleapis.com/ Frame C091 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9386475565ffbaa9a41d4d643cfa2a895c1f64d557ad5d3f4e299716d737f5eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 16:17:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 18:09:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 18:09:17 GMT
css
fonts.googleapis.com/ Frame C091 		4 KB
690 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9386475565ffbaa9a41d4d643cfa2a895c1f64d557ad5d3f4e299716d737f5eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 18:01:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 18:09:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 18:09:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE62 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumX5yMFoFWZGCLyTULZWjPNfkGkF5YZSep00YcsW-EUOVRsaN72dlMLv484M6P7CSfwyPHvs-97LdJiS-JBPiIdx5sGP19hJAt8HEALuo0aWZVJEp02tq-IKDZUaclwApQ3XWtHZmN_1ZKidpNoKQkvAn1vm_TuAfuMXVnMsI2eGuBM_sZO1XFTdQV3k9U4RnOSxTNAG1ZttU_wROehBHIEL5GuyjkA-E_F778PGpyxIPMHd05OfIy6EVRfyHskgZ0oN4bhliwHPabr6jauv8bO3_6-IBae7H0fqU5AYkSURgdOTPKo36YLAOrUqU5fN6HmsGQyo3zeDEaBHFJzq0J-A&sig=Cg0ArKJSzFQ5rM-TKp6VEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rd_log
fra1-ib.adnxs.com/ Frame DE62 		0
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F&e=wqT_3QKABHwAAgAAAwDWAAUBCMzhuZQGEMuBldyCtorXbhgAKjYJAA0BABENCAQAGQEJEClcC0AhAQkBAQApAQUBAfQXATEAAAAgXI_SPzD969gJONg8QNg8SABQAFiAmo8BYABo0v2nAXjg1gWAAQGKAQCSAQNVU0SYAdgFoAFaqAEBsAEAuAEAwAEAyAEA0AEA2AEA4AEA8AEA2AIA4AK04TzqAidodHRwczovL2dyYWhhbS13anh0LnpldXN0ZWNobm9sb2d5LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDIxNy42NC4xNTEuM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggA4AQA8AQAiAUBmAUAoAUAwAUAyQUAAAAAAADwP9IFCQkAAAAhHGwA2AUB4AUA8AUA-gUECAAQAJAGAJgGALgGAMEGBSAcAAAA2gYWChABCS4BAFwQABgA4AYA8gYCCACABwGIBwCgBwC6Bw8BREwYACAAMAA4vQZAAMgH4NYF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=2aa1f8b1ec98b5d9a9bf4f8fbf10ead7f347eab8&bdref=https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F,https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F&
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:17 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a6ec2fed-ff5a-4a5c-a39e-936d98b0c14b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
300x250-de.jpg
do69ll745l27z.cloudfront.net/tencent/bbshark/ Frame DE62 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://do69ll745l27z.cloudfront.net/tencent/bbshark/300x250-de.jpg
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:da00:11:99d8:dfc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
bb56bd05bb88097b0f4bc9beacb2c1a00fad3186c12f0d9e222ae699f11850bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 16:07:02 GMT
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
last-modified
Mon, 09 May 2022 08:58:58 GMT
server
nginx/1.14.1
age
1303335
etag
"6278d7d2-ae41"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
44609
x-amz-cf-id
PJF_Wh_loBCPylHGmmktlRCwWJ5y7IYWGTKHLoeuVW1_pXKa6d59kQ==
expires
Thu, 09 Jun 2022 16:07:02 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame DE62 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 18:09:17 GMT
Content-Encoding
gzip
Age
7809046
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21964-LGA, cache-hhn4047-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1653502158.970556,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1526399, 2133272
it
fra1-ib.adnxs.com/ Frame DE62 		0
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fgraham-wjxt.zeustechnology.com%252F&e=wqT_3QKgCsggBQAAAwDWAAUBCMzhuZQGEMnZlfLBoaaxIxgAKjYJPeyodldh3T8RKkQTktpy1D8ZAAABAvBJFUAh4lrE4v3Z1z8p-x2KAn0i4T8xAAAAwB6F4z8w_uvYCTjYPEDDG0gCUK-o66oBWICajwFgAGjS_acBeODWBYABAYoBA1VTRJIFBvBSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlp1ZignYScsIDU4NTczNDEsIDE2NTM1MDIxNTYpO3VmKCdjJywgNTI5NjAzMTZGHgAwcicsIDM1ODI3NDA5NTYfAPCwkgL1AyE0MU9ia0FpOHVLQVpFSy1vNjZvQkdBQWdnSnFQQVRBQU9BQkFBRWpERzFELTY5Z0pXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFPd0FRQzVBU21MaUlNQUFPQV93UUU5dkRGdWVTTGhQOGtCVVlhRjM4SUk4RF9aQVl3Vk5aaUc0ZTBfNEFFQTlRRUFBQUFBbUFJQW9BSUF0UUlBAREIdlFJAQfwSUF3QUlCeUFJQjBBSUIyQUlCNEFJQTZBSUEtQUlBZ0FNQm1BTUJ1Z01KUmxKQk1UbzBPREF6NEFPekxvZ0VBSkFFQUpnRUFjRUVBBU4BAQhESkIBBw0BGDJBUUE4UVENDihBQUFJZ0Z3eVdwQhETFFBBX3NRVQEaCQEITUVGCQkBAQREShUoDEFBQTAuKAAETmsuKACwZ0JhcWlBX0FGdHI3TkNQZ0Z2Y0RsQW9JR0EwVlZVb2dHQVpBR0FaZ0dBS0VHAUwJASRDb0JnR3lCaVFKCRAFAQBSBQYJAQBaCQcFAQBoBQYFAUBDNEJnby6aApkBIUZoSU9SUTr5ASxJQ2Fqd0VnQUNnQU0R6YhBQUFPZ2xHVWtFeE9qUTRNRE5Bc3k1SmpCVTFtSWJoN1Q5UgEkCQEAQh15AEIdeQRCcAkgAQEEQngBBgkBIbgAay54AfC2LtgCAOACtOE86gInaHR0cHM6Ly9ncmFoYW0td2p4dC56ZXVzdGVjaG5vbG9neS5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQOMzUyMyNGUkExOjQ4MDPaBAIIAeAEAfAEZfAgiAUBmAUAoAX_EQEUAcAFAMkFgTscAADwP9IFCQkJDHgAANgFAeAFAfAF4Mk0-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBtUN2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi9BkAAyAfg1gXSBw0VdgE4CNoHBgknaOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAQ..&s=2f9debab928b896a54b97dc9c9b1960712f8c7fd
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:17 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
53804558-6453-474d-84dc-060994603c2c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE62 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653305577626270"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 May 2022 18:09:17 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/654892692073010518/ Frame C091 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/654892692073010518/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qlHWxTVTAjcBcK2O8lb1TCKRf9ZYg
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf08eed2f136956a7c9eda1dfcdaecaa35de43974e1116dbf381240de2e96711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 10:44:57 GMT
x-content-type-options
nosniff
age
545060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43098
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 08:43:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 May 2023 10:44:57 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10038990801002461740/ Frame C091 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10038990801002461740/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qk8cDnJvYAB43BSftGvZbXq_fYpMA
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d5968dfaaaacd03735fbf41e9cb7add2e18f1d2f1e99e2b5c66107d2056b13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 07:47:23 GMT
x-content-type-options
nosniff
age
37314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5097
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 09:27:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 25 May 2023 07:47:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C091 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cb5XHzXCOYuTvG8uX9u8P1O2KyA6I3eCJapjWuLroD5aCzYWIFhABILTHtChglYKAgLAHoAGw1oGZKMgBBqkCcpLP9IrlsT7gAgCoAwHIAwqqBIcCT9Chi_oVp94WAWoex92YM5zvv-ar3m1zgSDRoFlKBbaXSa1omROKypFJnEa72QXVKWc8P_QnyHU3-BXPkEdNG42MY5aq4fom1oXEkmCjTOXbSyAqdkMZP7ljSVyBYc4K8GT8dZgEhkyZa8_AMgQzt8WBjpr78g1UT08eJE-cXJMUX5i4LA1x1kI7Vsm74Yy03KGAWQJZawqgt1I0mFaZ0ARsnFwPC12MranV1mVpNLy5k4hZ_byMLhrEswFzEqccXTOmieIF_jd-E_9GSI2Eqp0u9KvaeWx47bbkSH4QkWhidBCbyOAZyhKxx-a2S1FL9RRuSyE2VfbfomFnfe-YPtBxludKdpzABPPNt8LuA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAewjtL4AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENibCdIICQiA4YBwEAEYHYAKA8gLAdgTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi02NzE0ODI1NjA4MzUwMDA5GLjQEg&sigh=f-kv4K6mudM&uach_m=[UACH]&cid=CAQSOwCNIrLMHVS9SuqHb6ZvzETeytPVXoPXE_wX3uBvz4JmDfhmoYbJRci4KvplTnPfk3qjlEtOJb224NDUGAE&template_id=492
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame C091 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtabjhiNJw7ZwX_aZrd_BRUPVL6FZRcC8d0obwRCtz2uf49hDYh6uFXu4VVQjmEcwTX4fR
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C091 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
83369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 25 May 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C091 		295 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
44743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 26 May 2022 05:43:34 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012205161914000/ Frame 9FB0 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
120220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61456
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 08:45:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42b814baf88beb20"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 08:45:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 9FB0 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5191
x-xss-protection
0
server
sffe
date
Mon, 23 May 2022 17:09:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3630c4be819f8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 May 2023 17:09:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 9FB0 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28900
x-xss-protection
0
server
sffe
date
Mon, 23 May 2022 17:09:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ccce7ec6c76e0017"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 May 2023 17:09:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 9FB0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1905
x-xss-protection
0
server
sffe
date
Mon, 23 May 2022 17:09:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"862cd07357fd06d9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 May 2023 17:09:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 9FB0 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12945
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2cd215bb1afb4615"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:07:06 GMT
css
fonts.googleapis.com/ Frame 9FB0 		8 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 18:00:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 18:09:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 18:09:17 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FB0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
83369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 25 May 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FB0 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
44743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 26 May 2022 05:43:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9D37 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbrsBdPsVzwN5xL-wIstv-HyYWCD-vuWb7JMluXrd4dJIsAA3V6qJxAWKrlCMIHhBCmGb67fX92tCCq12vTLwrKa4ZjjaE-TGDrcCAa3y2NQFWqsNbEc1mrSHmZdTXVnLh6c7yTv76WUMqbeszFwzJhBfyuQis3sHXirnAm-urn1LBJPZfipQ5I0vNsa2CKbinplJ5uBcmYRMKYQKUyF4AHMLJzzyqaq7VCNOjokKAYHf-m5Vzcj-Iwb2RhQItF3aNdhTYtobsYmJ6ZlLQuweDGtJIBqoyy1l-aTIKmuHr7PoAeyj9q61-5ge6rpm-s_t0QJqHkz2GiGOQxjYhKQ&sig=Cg0ArKJSzA366bkpEnOrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9D37 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653305577626270"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 May 2022 18:09:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_whirs&c=sd&s=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 18:09:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012205161914000/ Frame B8D9 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
120220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61456
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 08:45:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42b814baf88beb20"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 08:45:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame B8D9 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5191
x-xss-protection
0
server
sffe
date
Mon, 23 May 2022 17:09:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3630c4be819f8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 May 2023 17:09:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame B8D9 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28900
x-xss-protection
0
server
sffe
date
Mon, 23 May 2022 17:09:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ccce7ec6c76e0017"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 May 2023 17:09:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame B8D9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
176391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1905
x-xss-protection
0
server
sffe
date
Mon, 23 May 2022 17:09:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"862cd07357fd06d9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 May 2023 17:09:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012205161914000/v0/ Frame B8D9 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205161914000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12945
x-xss-protection
0
server
sffe
date
Tue, 24 May 2022 19:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2cd215bb1afb4615"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 May 2023 19:07:06 GMT
css
fonts.googleapis.com/ Frame B8D9 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 18:02:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 18:09:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 18:09:17 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B8D9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
83369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 25 May 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B8D9 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
44743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 26 May 2022 05:43:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 06E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscrOdzkomM7PDS5OA2w9FE3rJ7oI11gPWA8etdlVnFCKaxYi6NPn0eqbN4l7E2UHsf2t3sS9agiMBMC_lqEkdVPgM2f-7OXCh_q_6Pvl5M3HR73sJddhlZNKDEeYZFAtjM7yJkJoTzv0ScXc9xumKBRj-zSBfgOrl8oIaZkCgNK0jXa3b9exuQYrRcMgmhRTfB1jhBzYWLtLZcXCfVs6ixcE6KsaKeteaPc9-vIW4uh2MzgyFxTWUn-kI3mLK-ovCbciU_K04TcYfZT8R9b9tX86666z9rEGX1wUwc6vOwZqpH6SAKgyo7vSfqc8M-kuHsU5ZAbwwQA_6EjC_blg&sig=Cg0ArKJSzLy9Fg5yghaUEAE&uach_m=[UACH]&adurl=
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 06E5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Jun 2022 18:07:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 06E5 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:09:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653305577626270"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 May 2022 18:09:18 GMT
l
www.google.com/ads/measurement/ Frame 06E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqCEV5oFMjKm0RfeQLr8GJI9YezW41JtPeB1kh_m9SKyr-7fNwuP11ldVW9bjJdHTRYbkA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
11620025395715629891
tpc.googlesyndication.com/simgad/ Frame 06E5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11620025395715629891
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fb6384a0d34489b2de325aaabc88dfb3493c941f0018532fbb65def9fac2756
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 22:40:02 GMT
x-content-type-options
nosniff
age
70155
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27789
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 17:09:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 24 May 2023 22:40:02 GMT
l
www.google.com/ads/measurement/ Frame 9FB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_VWlbuO1iwo7ta6mcEBFBWbTNLRGpd8FLB4rhhPCqd0CuMGfXwPV-yUXDSzeo53bIb1aI
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 9FB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw9SVzXCOYubvG8uX9u8P1O2KyA7ps_CharrrztmpD5aCzYWIFhABILTHtChglYKAgLAHoAHP7M3RAcgBCakCcpLP9IrlsT7gAgCoAwHIAwqqBJICT9ACbnz1RBHlV8xT3asgCRLw9JnEHhH8VcTiTnCORWBwxrNB3oiYTO5uShJEyyFQSXqUj9mUuDqfx2bFX1k-jSG8mmqDuZvnwguqqbHGDnCM_4xdcBLnKXEQ7PixdUkvKI0CI3rqiHNoZaB7UpzYv9XqJLTNhVxtYUjG1uglvYEukpLL-1bx9e8nABXYkBzihDyrnkTmScQiAUZCyqGTQ6rmRwmy5HGg-uMIXpzU18Wz6jLRtOEhRsBtrAktTJZHflG5i_J3B2kDVBjR9h11L3JJD5yub03WFBxCXRe34C9mMckJo4ZvdpKzeaEN2N4dd8_YPE_H4abpRfA-Qh94SLuQgLXzuSWa3m5rzmBHt3lz08AErMDu9fMD4AQBkgUECAQYAZIFBAgFGASgBi6AB5mTsq4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQw9sR0ggJCIDhgHAQARgdgAoDyAsBuBOIJ9gTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi02NzE0ODI1NjA4MzUwMDA5GLjQEg&sigh=Dyy1yOl1Bug&uach_m=[UACH]&cid=CAQSOwCNIrLMHVS9SuqHb6ZvzETeytPVXoPXE_wX3uBvz4JmDfhmoYbJRci4KvplTnPfk3qjlEtOJb224NDUGAE&template_id=5000
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame B8D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CknQBzXCOYufvG8uX9u8P1O2KyA6I3eCJaujWuLroD5aCzYWIFhABILTHtChglYKAgLAHoAGw1oGZKMgBCakCcpLP9IrlsT7gAgCoAwHIAwqqBIsCT9Coi0_T3ku3xE3Oo44dcVC7_-BrDBP0IeKrUM5Zp2-G1PhAJNuYTeU3h_WDgKmy4FVu4VyIUJjLOOu-0FwMZe2xiUNbk2RkjQuwenlErBhDm_8boC5Yphp6bgSKYhoeYiTb3_nUq-G-4KAcxtwr_TadS_ZfxFTZBzorqWVlDJBCRTf1DtPBOYNLa967rpJ4FZ8EjiYs0ooopAy0scZvxhV-_1M4jbcJGaqjFspnq9b-GNUbvUriWaomZJ3L5aVsrvQ_9c2V26Oh--UIqCi7uOn5nU8G2zLsFvYIpbN9HgUqswDZANA4iVEzPLf4VzMAdTDqLxbj2__mH10oDcQWJvyuZFU2cawEuSoCwATzzbfC7gPgBAGSBQQIBBgBkgUECAUYBKAGLoAHsI7S-AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDxlgzSCAkIgOGAcBABGB2ACgPICwG4E4gn2BML0BUBmBYBgBcBshceChwIABIUcHViLTY3MTQ4MjU2MDgzNTAwMDkYuNAS&sigh=Xw514mRk1T4&uach_m=[UACH]&cid=CAQSOwCNIrLMHVS9SuqHb6ZvzETeytPVXoPXE_wX3uBvz4JmDfhmoYbJRci4KvplTnPfk3qjlEtOJb224NDUGAE&template_id=5000
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
web.js
ads.celtra.com/15c65cb5/ Frame 9D37 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.celtra.com/15c65cb5/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst11WDhQ7Y_OUAQJJoKB7BpXHD5I9mHe1QQdPdEegZvMuXv5JHEyqdp8CjskF9nTa4S-ITPHte3YDTU4qxF8cI5ifiV2xpGX7_jcrVdnHo1r5ZKWCVE9cV5FqizWTMomzlSUM_lDumZv6YfKwe5Bkp1nbyH5qY-99qFgeCdvfwO3ygnsh2OAgJXhFtEbprdoKrWrLGyXm4AnZtDk6eNV_AkzrmiZb8Qp_7m1OixLpVRaXkoWIx1iJr_jzAZpPWwOBMFuhuGwMRLVI9ktdn9xftlPo9zT0Q1NAch8zhIb3KTMNpkhD5T_DtmQzbSNOmDMWPMqYEDJyZau1ChBg%26sig%3DCg0ArKJSzOaBEFukfBQLEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&sticky=bottom&preferredClickThroughWindow=new&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138392599865&externalCreativeId=138392599865&externalPlacementId=188961168&externalSiteId=14466408&externalSiteName=zeustechnology.com&externalLineItemId=6023264127&externalCampaignId=3032225001&externalAdvertiserId=4883945438&coppa=0&scriptId=celtra-script-1&clientTimestamp=1653502157.959&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=8674685952649426
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.107.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-107-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
051bb85e68ca53dc8e7b923e1ff98f5f59d389c05eeaaedc3db14138389f45d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:17 GMT
content-encoding
gzip
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
4706
Expires
0
truncated
/ Frame C091 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
739b900cbaf4f473a90f3f4dae1b088418ef46cff0e7918a379a065dc68c8df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C091 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://graham-wjxt.zeustechnology.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 11:07:47 GMT
x-content-type-options
nosniff
age
198091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 11:07:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C091 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://graham-wjxt.zeustechnology.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 16:12:47 GMT
x-content-type-options
nosniff
age
179791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 16:12:47 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14700577122859765402/ Frame 9FB0 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14700577122859765402/downsize_200k_v1?w=600&h=314
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a3e3202cfaa31ea0d64c44c856d1578cac15b98a7554a530a69bd007f33cb04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 12:28:04 GMT
x-content-type-options
nosniff
age
193274
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29162
x-xss-protection
0
last-modified
Mon, 09 May 2022 07:12:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 23 May 2023 12:28:04 GMT
truncated
/ Frame 9FB0 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9FB0 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9FB0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
121902ea384864e38ddca39e216b5b15b4702c073551024862dd4e3837a50e4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 9FB0 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://graham-wjxt.zeustechnology.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 22:12:07 GMT
x-content-type-options
nosniff
age
71831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 22:12:07 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/654892692073010518/ Frame B8D9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/654892692073010518/downsize_200k_v1?w=600&h=314
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c83f52a7741dec7d418b154516fe739884d94aab93d539d041fb710b27882c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 17:06:09 GMT
x-content-type-options
nosniff
age
90189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26552
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 08:43:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 24 May 2023 17:06:09 GMT
truncated
/ Frame B8D9 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B8D9 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B8D9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ca291cfde4b1a33da8b095a8b883c6686cad4d82cbfeec60719db85a17df7d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame B8D9 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://graham-wjxt.zeustechnology.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 22:12:07 GMT
x-content-type-options
nosniff
age
71831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 22:12:07 GMT
truncated
/ Frame 9D37 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15d222a92fe790e2db4470243fa0489abe0fdb4c8ec9340af215b99241aed884

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame DE62 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssASjKNx_PFq7T7krY_BJVIbI2GeGvP8PWNbitz1KZWjfpwsUzxS72PIAsy-rEzDINSsGvZCy4BXCkQTi-oGTgkdE7kY3uQwtfAMFVB4f66k6Dh4tgq4oyVpa3-UutfOYT9fL5zSn57Fwi1yjgBH85Vl5xfoUUNqHMgC92QWhTDwoRiMrhPbdVfobFx-BgZhZC1FyTIzTaTsH7--dt7nCyqssr_rBXCs-8slrVIEfyoRVBMAQFvZGqk1Grlm4kz4G3qeop_nvilqOCjuvYFrJ-2Pyo7Uc59BB7Fpvva2pYM-izNlnlprkulptd9lx8Lmzev6AhQP4XZxm5rD9GTznXpm-w&sig=Cg0ArKJSzJFJlNVNB2dSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 25 May 2022 18:09:18 GMT
truncated
/ Frame DE62 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96bbc47553023cf5e1ecb4402817aa64cd42534758a99f58a131387ec98b8dfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 06E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0jHlRdNklccsHo4-5MzZltJegJIfM2qZJfwqlHkbIc7hdlbCy4n7FtY7-zMwoelOdQYNShKuBapqgV5GAu99ZdkR2ay7YTbY7wL-msAF59JWj4s2B5lb4knD9-rt51PpCtBPLDEUZCERNwpUPZJmpAH0F0EBgqSG2kMZ2YVzB7NNisdWFKKNAwoqcGdrj-xRKIWpL6QYFbzYOeXdc6hNTV2Kq2IOMrgAEfjsczMgnP8h9TEqYwrFLXLYgFA303EtRqZAToZs0Y2fTSbNlgKxmR-X2FkVWMeo69v5etMAw0xtTdEEjc41KjECEi_e5-as9UCe50t0RFGLVcPpLAGLb&sig=Cg0ArKJSzBS5WlSvhyE2EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 25 May 2022 18:09:18 GMT
truncated
/ Frame 06E5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1578ef0ae88c2367a41842db85d428b44c1209c07ac4a2ca64084633e0a1f24b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame C091
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
H2
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

date
Wed, 25 May 2022 18:09:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C41 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://graham-wjxt.zeustechnology.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 16:02:41 GMT
expires
Thu, 25 May 2023 16:02:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A7AE 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e2cade44345876eb5a25dd039211d441584dfa3db6b43d2c60b7b311b7d5a35e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P1SvKGipbW-vO9eDsn98Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://graham-wjxt.zeustechnology.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-P1SvKGipbW-vO9eDsn98Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 18:09:18 GMT
expires
Wed, 25 May 2022 18:09:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vevent
fra1-ib.adnxs.com/ Frame DE62 		0
850 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F&e=wqT_3QKgCsggBQAAAwDWAAUBCMzhuZQGEMnZlfLBoaaxIxgAKjYJPeyodldh3T8RKkQTktpy1D8ZAAABAvBJFUAh4lrE4v3Z1z8p-x2KAn0i4T8xAAAAwB6F4z8w_uvYCTjYPEDDG0gCUK-o66oBWICajwFgAGjS_acBeODWBYABAYoBA1VTRJIFBvBSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlp1ZignYScsIDU4NTczNDEsIDE2NTM1MDIxNTYpO3VmKCdjJywgNTI5NjAzMTZGHgAwcicsIDM1ODI3NDA5NTYfAPCwkgL1AyE0MU9ia0FpOHVLQVpFSy1vNjZvQkdBQWdnSnFQQVRBQU9BQkFBRWpERzFELTY5Z0pXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFPd0FRQzVBU21MaUlNQUFPQV93UUU5dkRGdWVTTGhQOGtCVVlhRjM4SUk4RF9aQVl3Vk5aaUc0ZTBfNEFFQTlRRUFBQUFBbUFJQW9BSUF0UUlBAREIdlFJAQfwSUF3QUlCeUFJQjBBSUIyQUlCNEFJQTZBSUEtQUlBZ0FNQm1BTUJ1Z01KUmxKQk1UbzBPREF6NEFPekxvZ0VBSkFFQUpnRUFjRUVBBU4BAQhESkIBBw0BGDJBUUE4UVENDihBQUFJZ0Z3eVdwQhETFFBBX3NRVQEaCQEITUVGCQkBAQREShUoDEFBQTAuKAAETmsuKACwZ0JhcWlBX0FGdHI3TkNQZ0Z2Y0RsQW9JR0EwVlZVb2dHQVpBR0FaZ0dBS0VHAUwJASRDb0JnR3lCaVFKCRAFAQBSBQYJAQBaCQcFAQBoBQYFAUBDNEJnby6aApkBIUZoSU9SUTr5ASxJQ2Fqd0VnQUNnQU0R6YhBQUFPZ2xHVWtFeE9qUTRNRE5Bc3k1SmpCVTFtSWJoN1Q5UgEkCQEAQh15AEIdeQRCcAkgAQEEQngBBgkBIbgAay54AfC2LtgCAOACtOE86gInaHR0cHM6Ly9ncmFoYW0td2p4dC56ZXVzdGVjaG5vbG9neS5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQOMzUyMyNGUkExOjQ4MDPaBAIIAeAEAfAEZfAgiAUBmAUAoAX_EQEUAcAFAMkFgTscAADwP9IFCQkJDHgAANgFAeAFAfAF4Mk0-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBtUN2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi9BkAAyAfg1gXSBw0VdgE4CNoHBgknaOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAQ..&s=2f9debab928b896a54b97dc9c9b1960712f8c7fd&type=nv&nvt=5&jm=1003&px=650&py=435&bw=300&bh=250&sid=1951812141128570654&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20329982&sw=1600&sh=1200&pw=1600&ph=5030&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:18 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
319eb221-0b9c-4ee7-9309-f221d0b606bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://graham-wjxt.zeustechnology.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
web.js
cache-ssl.celtra.com/api/creatives/80abb56d/compiled/ Frame 9D37 		477 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache-ssl.celtra.com/api/creatives/80abb56d/compiled/web.js?v=3-b15c485b10&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by
Host: ads.celtra.com
URL: https://ads.celtra.com/15c65cb5/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst11WDhQ7Y_OUAQJJoKB7BpXHD5I9mHe1QQdPdEegZvMuXv5JHEyqdp8CjskF9nTa4S-ITPHte3YDTU4qxF8cI5ifiV2xpGX7_jcrVdnHo1r5ZKWCVE9cV5FqizWTMomzlSUM_lDumZv6YfKwe5Bkp1nbyH5qY-99qFgeCdvfwO3ygnsh2OAgJXhFtEbprdoKrWrLGyXm4AnZtDk6eNV_AkzrmiZb8Qp_7m1OixLpVRaXkoWIx1iJr_jzAZpPWwOBMFuhuGwMRLVI9ktdn9xftlPo9zT0Q1NAch8zhIb3KTMNpkhD5T_DtmQzbSNOmDMWPMqYEDJyZau1ChBg%26sig%3DCg0ArKJSzOaBEFukfBQLEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&sticky=bottom&preferredClickThroughWindow=new&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138392599865&externalCreativeId=138392599865&externalPlacementId=188961168&externalSiteId=14466408&externalSiteName=zeustechnology.com&externalLineItemId=6023264127&externalCampaignId=3032225001&externalAdvertiserId=4883945438&coppa=0&scriptId=celtra-script-1&clientTimestamp=1653502157.959&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=8674685952649426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
a0a47fdff8a5780429739613615fd99bff0f7dc9f2f98e643ef1662645248560

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 04:00:06 GMT
content-encoding
gzip
age
50951
x-cache
Hit from cloudfront
content-length
119588
access-control-allow-origin
*
server
Apache
etag
"87d24d96de4aedf54da2f78c3828daba31fdc7b8fa633845a280af6a50990225"
vary
Accept-Encoding
x-varnish
2757079 3873743
via
1.1 varnish (Varnish/6.2), 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
fLyb0-rURV4g2Pejmd6xKUSpWoXphlb4KR6fRK2A5yWRExi2YfE5SQ==
truncated
/ Frame 9D37 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
f0088b89-a246-4a27-8224-ab2574ee1283
https://graham-wjxt.zeustechnology.com/ Frame 9D37 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://graham-wjxt.zeustechnology.com/f0088b89-a246-4a27-8224-ab2574ee1283
Requested by
Host: graham-wjxt.zeustechnology.com
URL: https://graham-wjxt.zeustechnology.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
167
Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FB0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
83370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 25 May 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FB0 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
44744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 26 May 2022 05:43:34 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B8D9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
83370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 25 May 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B8D9 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
44744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 26 May 2022 05:43:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A7AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051901&jk=4472039380596488&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame 9C41 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:06:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 09:06:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9D37 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3ePp4HLG2Aoj294sl1_RkTTeiQqCLPLP6PywSsA8v5V4eBprk_JpXGY3LCKuzQOw1Ec4gQHm_JucJKiZE6UMHssPDgG6SfbiOZf7eHkDJQ3JLGsRyppfGFKv33hFDbYsPcDgN9kblC2R2DP12pjQMk2f1Gi0vZHFLhfkzrLOaEUUW1LfpYjedhNG5JVCypL2wrdPoKzlLVed530kjyyvmnLPAH7VWrAGz8KMcbRLOwdF11jZczHVQExmORawP8sg0ySJty7T2BTfcbIMDotrunDv1N5TnVg0GDzpy9ByPL9L75eLEXcVZ3B9SCMAU7AollnHdEYr9MTTzVgGomPjy&sig=Cg0ArKJSzIFOUgVIuox8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 18:09:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 25 May 2022 18:09:18 GMT
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTY1MzUwMjE1OC40NjYsIm5hbWUiOiJjb250YWluZXJCZWNhbWVWaWV3YWJsZSJ9XX0=?crc32c=1128170744
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.119.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Roboto:300/ Frame 7FA0 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cache-ssl.celtra.com/api/fonts/google/Roboto:300/3_webfont.woff2?subset=ADENPX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
9d68a98ebdb1951fc93600a2bf139a10de4c4960084b49b1cec28a0eba73d0c1

Request headers

Referer
https://graham-wjxt.zeustechnology.com/
Origin
https://graham-wjxt.zeustechnology.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 04:47:31 GMT
via
1.1 varnish (Varnish/6.2), 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
age
48107
x-cache
Hit from cloudfront
content-length
2188
server
Apache
etag
"9d68a98ebdb1951fc93600a2bf139a10de4c4960084b49b1cec28a0eba73d0c1"
x-varnish
1647678
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/font-woff2
x-amz-cf-id
4fdwctSp8eBJ1t8r1vds_7VQOzAiziviCSyRkgCRD6JWmlX1bXbbDA==
generate_204
tpc.googlesyndication.com/ Frame 9C41 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3sOu2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:09:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Minimize.png
cache-ssl.celtra.com/api/blobs/d058f332ec79c6e00f1045d5a28488b6241a5d0ec5e6a8d36e64b63a2eb4f5e3/ Frame 7FA0 		93 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/d058f332ec79c6e00f1045d5a28488b6241a5d0ec5e6a8d36e64b63a2eb4f5e3/Minimize.png?transform=crush&quality=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
65f0d90cfdb3d5e71f890d7d3b1be97491b49b170e6573fbd3e09e3340720cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 05:59:30 GMT
via
1.1 varnish (Varnish/6.2), 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
age
216588
x-cache
Hit from cloudfront
content-length
93
server
Apache
etag
"65f0d90cfdb3d5e71f890d7d3b1be97491b49b170e6573fbd3e09e3340720cfd"
x-varnish
24097059
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
pv8ZQhSPXYOP3ZahiktJPojLcKP613YkltF-ppRI2QD0kFXwANSCYQ==
Min_Over.png
cache-ssl.celtra.com/api/blobs/57a521c8096594b6b3215dcb74d37533419962d2712c12f70fa052c9bbb4d0a8/ Frame 7FA0 		229 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/57a521c8096594b6b3215dcb74d37533419962d2712c12f70fa052c9bbb4d0a8/Min_Over.png?transform=crush&quality=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
5be03e5167b4673dda37498b0fbadd6c5d70c7731006e326ca05ecb9c567ee28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 05:59:30 GMT
via
1.1 varnish (Varnish/6.2), 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
age
216588
x-cache
Hit from cloudfront
content-length
229
server
Apache
etag
"5be03e5167b4673dda37498b0fbadd6c5d70c7731006e326ca05ecb9c567ee28"
x-varnish
37474365
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
FbCJSgUjls6tDHWAa9KmlMe0l-PW2zC1_q_CHonAbc5hcSMYOsN3aw==
140.jpg
cache-ssl.celtra.com/api/blobs/74ca26d22a6da339313dfdc2d398dcedf879ab8a0957ec5f77eed787f17edcdb/ Frame 7FA0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/74ca26d22a6da339313dfdc2d398dcedf879ab8a0957ec5f77eed787f17edcdb/140.jpg?transform=crush&quality=85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
5e2187082ebd5835ca3a23b660f3389a96fb94ac5c039352d08ef65f9127e55b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 04:04:55 GMT
via
1.1 varnish (Varnish/6.2), 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
age
50662
x-cache
Hit from cloudfront
content-length
6714
server
Apache
etag
"5e2187082ebd5835ca3a23b660f3389a96fb94ac5c039352d08ef65f9127e55b"
x-varnish
462732 6490234
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
9rnlmcKdkfqXx2rF2b1qdQQlljv19CZj2TCz5iB9y-_ImeNlgygM_Q==
bluecrab.png
cache-ssl.celtra.com/api/blobs/00fc22f1ba3f96bde64fb8935d4ffa6d6b2eca8cde3d66afcd6cde4e3e2787c3/ Frame 7FA0 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/00fc22f1ba3f96bde64fb8935d4ffa6d6b2eca8cde3d66afcd6cde4e3e2787c3/bluecrab.png?transform=crush&quality=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
4112041e287115b688eeb2bdcf753054eab528a42b47451f58f11afc3e39547c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 20:43:05 GMT
via
1.1 varnish (Varnish/6.2), 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
age
163572
x-cache
Hit from cloudfront
content-length
28113
server
Apache
etag
"4112041e287115b688eeb2bdcf753054eab528a42b47451f58f11afc3e39547c"
x-varnish
36839800
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
dBwUCrNP7dR7zMK5wLn-cZaqDQDMICUWovLdg4nCnIthaEyHHiEZNQ==
close-up.svg
cache-ssl.celtra.com/api/static/vb15c485b10/runner/clazzes/CreativeUnit/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/static/vb15c485b10/runner/clazzes/CreativeUnit/close-up.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
d350cd3c1e1805977e3c9cd865c588fb33f853d94e07e59530a5417bcbd2245b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 08:49:02 GMT
via
1.1 varnish (Varnish/6.2), 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
age
120016
x-cache
Hit from cloudfront
content-length
1084
server
Apache
etag
"d350cd3c1e1805977e3c9cd865c588fb33f853d94e07e59530a5417bcbd2245b"
x-varnish
20616700 12654533
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
bY890uYIyie8P_XA4ZjXSRyWvxXpq4KGUlVcj-sR-d72AfbY0aHvFw==
close-down.svg
cache-ssl.celtra.com/api/static/vb15c485b10/runner/clazzes/CreativeUnit/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/static/vb15c485b10/runner/clazzes/CreativeUnit/close-down.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
93810046cf5293dcb79678f9e2301587886e4944044b113f03429b5650ef02c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 08:49:03 GMT
via
1.1 varnish (Varnish/6.2), 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
age
120015
x-cache
Hit from cloudfront
content-length
1164
server
Apache
etag
"93810046cf5293dcb79678f9e2301587886e4944044b113f03429b5650ef02c0"
x-varnish
917538 950280
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
UBqG62R0sVlrcmYphvjgDF6kJ95xYsf-rtGIZWWSAwqDdNWs_cXvKA==
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTY1MzUwMjE1OC40OTQsInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMS4wLjQ5NTEuNjQgU2FmYXJpLzUzNy4zNiIsIm9yaWVudGF0aW9uIjowLCJ0b3Btb3N0UmVhY2hhYmxlV2luZG93Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDB9LCJob3N0V2luZG93Ijp7IndpZHRoIjoxLCJoZWlnaHQiOjF9LCJuZXN0aW5nIjp7ImlmcmFtZSI6dHJ1ZSwiZnJpZW5kbHlJZnJhbWUiOnRydWUsImlhYkZyaWVuZGx5SWZyYW1lIjp0cnVlLCJob3N0aWxlSWZyYW1lIjpmYWxzZSwiaWZyYW1lRGVwdGgiOjF9LCJwYWdlVmlzaWJpbGl0eUFwaSI6dHJ1ZSwicmVxdWVzdEFuaW1hdGlvbkZyYW1lIjp0cnVlLCJ0b3BXaW5kb3dOYXRpdmVSQUZTdXBwb3J0ZWQiOnRydWUsImFsbG93Tm9uTmF0aXZlUkFGRm9yVmlld2FibGVUaW1lVXNlZCI6ZmFsc2UsImNsaWVudFRpbWVab25lT2Zmc2V0SW5NaW51dGVzIjowLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5Ijp0cnVlLCJzdXBwb3J0c0NvbnRhaW5lckluaXRpYWxWaWV3YWJpbGl0eSI6dHJ1ZSwidGFnUGFyZW50V2lkdGgiOjAsInRhZ1BhcmVudEhlaWdodCI6MCwiYW1wRGV0ZWN0ZWQiOmZhbHNlLCJhbXBOZXN0aW5nTGV2ZWwiOiIiLCJzYWZlRnJhbWVEZXRlY3RlZCI6ZmFsc2UsImZldGNoU3VwcG9ydGVkIjp0cnVlLCJhc2FwRW5hYmxlZCI6bnVsbCwibmF0aXZlUHJvbWlzZXNTdXBwb3J0ZWQiOnRydWUsImJlYWNvblN1cHBvcnRlZCI6dHJ1ZSwiSW50ZXJzZWN0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsImlzTXV0YXRpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwid2ViVmlldyI6bnVsbCwiaXNXaW5kb3dPcGVuTmF0aXZlIjp0cnVlLCJwcm90b0xvYWRpbmciOnsiZGF0YUxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQiLCJibG9iTG9hZFN0YXR1cyI6InN1cHBvcnRlZCJ9LCJ0b3BXaW5kb3dMb2NhdGlvbiI6Imh0dHBzOi8vZ3JhaGFtLXdqeHQuemV1c3RlY2hub2xvZ3kuY29tIiwidG9wV2luZG93TG9jYXRpb25MZW5ndGgiOjM4LCJuYW1lIjoiZW52aXJvbm1lbnRJbmZvIn0seyJzZXNzaW9uSWQiOiJzMTY1MzUwMjE1OHgyOWVjMmYxY2QyZjhjN3gwOTkxMDc2MiIsImFjY291bnRJZCI6IjdjZWVjMTAyIiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiNTA3OTE0Nzc1MDE0OTQxMyIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2NTM1MDIxNTguNjk5LCJuYW1lIjoiY3JlYXRpdmVMb2FkZWQiLCJ2aWV3YWJpbGl0eTAwTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FiaWxpdHk1MDFNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJsZVRpbWVNZWFzdXJhYmxlIjp0cnVlLCJjZG5WYXJpYW50Ijoibm9uZSJ9XX0=?crc32c=1514306886
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.119.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTY1MzUwMjE1OC43MTIsIm5hbWUiOiJ2aWV3YWJsZTAwIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiJDb3JlIiwicmF0aW8iOjAsInRpbWUiOjB9fSx7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjQsImNsaWVudFRpbWVzdGFtcCI6MTY1MzUwMjE1OC43MTMsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjoyLCJzY3JlZW5Mb2NhbElkIjpudWxsLCJzY3JlZW5UaXRsZSI6bnVsbCwic2NyZWVuSXNNYXN0ZXIiOm51bGwsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjUzNTAyMTU4LjcxMywibmFtZSI6InZpZXdTaG93biIsInZpZXdOYW1lIjoiMTAyOCB4IDEyMCIsImNsYXp6IjoiQ3JlYXRpdmVVbml0VmFyaWFudCIsImRlc2lnblNpemUiOnsid2lkdGgiOjEwMjgsImhlaWdodCI6MTIwfSwiYXZhaWxhYmxlU2l6ZSI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjB9fV19?crc32c=2730665820
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.119.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjUsImNsaWVudFRpbWVzdGFtcCI6MTY1MzUwMjE1OC43MiwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjQsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjUzNTAyMTU4LjcyLCJuYW1lIjoic2NyZWVuU2hvd24ifSx7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTY1MzUwMjE1OC43MiwibmFtZSI6ImNyZWF0aXZlUmVuZGVyZWQifV19?crc32c=3345353580
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.119.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjcsImNsaWVudFRpbWVzdGFtcCI6MTY1MzUwMjE1OC43MjgsIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNjUzNTAyMTU4LjcxNCwidG8iOjE2NTM1MDIxNTguNzE0fV19?crc32c=1659605833
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.119.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051901&jk=4472039380596488&bg=!j4yljMjNAAZ4vKt9WLw7ACkAdvg8WhV0BW6F_tstwZ7MxxY2yi96im1KrTLc7gq4pfPb_vDydVEelAIAAAC5UgAAAAloAQeZArRNkBs9FBpxcRDQBMpeKgJbkwreXPDZHanoYegFtbeTMa8zaqpZcaBOYoJNOZCOlfMpolajZkgCLdjBcXop2ArF_oVOa9m7LWPch1z1qcWioaE--5A777ovx9M11NcJlQTXzIDlK9q86eNX2JVNzVhwxlqTzfOuIbCgA4RkkkjSIL3YYqjwwNWpqlDnMkj2MBja3XItFsBMT6mw_F2SQpDwyFLK-GmwQxLUA3rBgFyNmSlAO7XH7LYFy2WaHc9OzVk4SYfg_trwN1SlOOWmZXLp9cA98saDQq1De8i8-wqM-m2PEqxS1xkrQW-bMTJQMNw8iwqVLZvoLP18NwMLd989g03zr51ei6_Wy86SRpZK-eFMGuYag8GB4BjPLgm5ILzA2VN0a5MKecWw2YR4Rdyop-64UVMe4bV0vy2i1rm_zPqw-kUO00ft5Gfa_dp6ch-C_Ki_C9VLwmXHBOj0NSMqdM2wL00zX5GebT2NctNaCVrjwg4CFupOpijLp49fCs9QzeBmiYvVVnf2ZFcHaRhSjKxmwIrqJhG-oxyxPDoLmRLfdtixYhH-7WCbNt0A5Gu7_eXV24XvtUA5ntB8lTaQmlNifaa62r8SASyz0UgDSixx9EEi-PAUNJZ-3H0ICECUMBKZyBwpRabLdwcVPyuawLD6sPLiyBeZHzbmmzteb8-xx0l8S39Zzwj1AxxPmHBUTFdaVfYkkObZ2G2Wr1waMtQ4tE1ceOM8Aut-7Iw865cSRXdmiOuu2syhw3IdLhxq4g6cRtZRR3IUCmIVDqJ56IKrS2R10nx4sXagCLh7nreDmQxrph4Krw49jT4p1_cppMe5l9KkNyloPGvU-YsbsKMRi_hlZG6kp3NZuNf9BzqcJt9T8kDk6BQk0hBb-Kj3XbsCqZgZ9L-bf4_s0rfY3lebAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame DE62 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZ0Zg2pmLASz5BkA_xNze1xtZ_mD6PtgtI0LD4XgXzvhPzYGGzf2I-ZChIlPXlsHMKj-rbJdVfQMMyo5esLdsuOZ6xDZfPvCrmE2t8jk8D0675BI4N&sig=Cg0ArKJSzH5_y57IWwuAEAE&id=lidar2&mcvt=1000&p=435,650,685,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220523&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=622255232&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653502157879&rpt=272&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 18:09:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame DE62 		0
850 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fgraham-wjxt.zeustechnology.com%2F&e=wqT_3QKgCsggBQAAAwDWAAUBCMzhuZQGEMnZlfLBoaaxIxgAKjYJPeyodldh3T8RKkQTktpy1D8ZAAABAvBJFUAh4lrE4v3Z1z8p-x2KAn0i4T8xAAAAwB6F4z8w_uvYCTjYPEDDG0gCUK-o66oBWICajwFgAGjS_acBeODWBYABAYoBA1VTRJIFBvBSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlp1ZignYScsIDU4NTczNDEsIDE2NTM1MDIxNTYpO3VmKCdjJywgNTI5NjAzMTZGHgAwcicsIDM1ODI3NDA5NTYfAPCwkgL1AyE0MU9ia0FpOHVLQVpFSy1vNjZvQkdBQWdnSnFQQVRBQU9BQkFBRWpERzFELTY5Z0pXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUdvQVFPd0FRQzVBU21MaUlNQUFPQV93UUU5dkRGdWVTTGhQOGtCVVlhRjM4SUk4RF9aQVl3Vk5aaUc0ZTBfNEFFQTlRRUFBQUFBbUFJQW9BSUF0UUlBAREIdlFJAQfwSUF3QUlCeUFJQjBBSUIyQUlCNEFJQTZBSUEtQUlBZ0FNQm1BTUJ1Z01KUmxKQk1UbzBPREF6NEFPekxvZ0VBSkFFQUpnRUFjRUVBBU4BAQhESkIBBw0BGDJBUUE4UVENDihBQUFJZ0Z3eVdwQhETFFBBX3NRVQEaCQEITUVGCQkBAQREShUoDEFBQTAuKAAETmsuKACwZ0JhcWlBX0FGdHI3TkNQZ0Z2Y0RsQW9JR0EwVlZVb2dHQVpBR0FaZ0dBS0VHAUwJASRDb0JnR3lCaVFKCRAFAQBSBQYJAQBaCQcFAQBoBQYFAUBDNEJnby6aApkBIUZoSU9SUTr5ASxJQ2Fqd0VnQUNnQU0R6YhBQUFPZ2xHVWtFeE9qUTRNRE5Bc3k1SmpCVTFtSWJoN1Q5UgEkCQEAQh15AEIdeQRCcAkgAQEEQngBBgkBIbgAay54AfC2LtgCAOACtOE86gInaHR0cHM6Ly9ncmFoYW0td2p4dC56ZXVzdGVjaG5vbG9neS5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQOMzUyMyNGUkExOjQ4MDPaBAIIAeAEAfAEZfAgiAUBmAUAoAX_EQEUAcAFAMkFgTscAADwP9IFCQkJDHgAANgFAeAFAfAF4Mk0-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBtUN2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi9BkAAyAfg1gXSBw0VdgE4CNoHBgknaOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAQ..&s=2f9debab928b896a54b97dc9c9b1960712f8c7fd&type=pv&jm=1003&px=650&py=435&bw=300&bh=250&sf=1&sid=1951812141128570654&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20329982&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:19 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1741f8e1-26c9-4250-8957-19a51aea5091
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://graham-wjxt.zeustechnology.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FB0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbynKafJ8X3bOGTdx86-VIaJxgA2LUdLMblkApVD4rPKtcAJEt2h6WAAaB6iId16jYcHrjS3E_pQAANCl3BUaD5LLfatGA53d9Fglsu49i2TX50_vMXKVWazKkFcJcIhwYNg&sai=AMfl-YT7u-mo8xYvzFY8QzMAzaEYGrDHtnF3ztQjn_wc2cFqn7BjQFDoQotUMPy8fN5LzfUlP6Cc-KUt8lWBN8dBbNE6QkoiuJR0ozLXP2wK7bFavtD7rFJ7noJAEcg&sig=Cg0ArKJSzBorSXxL-XwZEAE&cid=CAQSOwCNIrLMHVS9SuqHb6ZvzETeytPVXoPXE_wX3uBvz4JmDfhmoYbJRci4KvplTnPfk3qjlEtOJb224NDUGAE&id=ampim&o=29,755&d=1544,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=483&tls=1483&g=100&h=100&tt=1483&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=4063884295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 18:09:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C091 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxb-kZFNjR2FTszPWRitNW4Eyz-TV6k8OzMLZJLBFSz34-t5oKGXNPFt2VZVGakKaU32xgDXFeyj4kokCITWyY1wGFcszW_PmL5pYqcXMVUk8ABX5pR2A4wOkAT6wWDWKqLg&sai=AMfl-YSpFszUJiGgPhzTYeDmAwmFmTvIUXvoqoECKeX2b3YHj8D5-hWZno-8E6AXBkxTJREpqHwgWyr7fWxoPMRiERBDMMUsJFP0ioJcKJIIZ2X33rqBc5-T88IYttQ&sig=Cg0ArKJSzHzNj1xnypM9EAE&cid=CAQSOwCNIrLMHVS9SuqHb6ZvzETeytPVXoPXE_wX3uBvz4JmDfhmoYbJRci4KvplTnPfk3qjlEtOJb224NDUGAE&id=ampim&o=29,366&d=1542,140&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=632&tls=1633&g=100&h=100&tt=1633&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1890678921
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 18:09:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjgsImNsaWVudFRpbWVzdGFtcCI6MTY1MzUwMjE1OS43MTQsIm5hbWUiOiJ2aWV3YWJsZTUwMSIsImNyaXRlcmlvbiI6eyJuYW1lIjoiNTAvMSIsInJhdGlvIjowLjUsInRpbWUiOjEwMDB9fV19?crc32c=3617824180
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.119.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjksImNsaWVudFRpbWVzdGFtcCI6MTY1MzUwMjE1OS43NDUsIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNjUzNTAyMTU4LjcxNCwidG8iOjE2NTM1MDIxNTkuNzI4fV19?crc32c=4226795786
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.119.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjEwLCJjbGllbnRUaW1lc3RhbXAiOjE2NTM1MDIxNjAuNzUyLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTY1MzUwMjE1OS43MjgsInRvIjoxNjUzNTAyMTYwLjc0Nn1dfQ==?crc32c=486676983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.119.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjUzNTAyMTU4eDI5ZWMyZjFjZDJmOGM3eDA5OTEwNzYyIiwiYWNjb3VudElkIjoiN2NlZWMxMDIiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI1MDc5MTQ3NzUwMTQ5NDEzIiwiaW5kZXgiOjExLCJjbGllbnRUaW1lc3RhbXAiOjE2NTM1MDIxNjEuNzYxLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTY1MzUwMjE2MC43NDYsInRvIjoxNjUzNTAyMTYxLjc1Mn1dfQ==?crc32c=2551755336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.119.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-119-217.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://graham-wjxt.zeustechnology.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 18:09:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| zeusAdUnitPath object| zeusKeyvalues function| getConfigOverride function| generateAdDiv function| generateVideo object| regeneratorRuntime object| iris object| googletag object| zeus object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| headertag function| headertag_render object| default object| google_image_requests object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| lnt_z object| __CELTRA

16 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: khaos
Value: L3LWHPNB-Z-LPVT
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0IhTIxrlp4KUHau3iET1N0BmQvWiFCZkJQW03tTNtB71HPeoZuy5tXas1/UxveluXlUjNM9duiy7mzppZtqU8r6nGgWGLe3gmp09IPATRueuIv+f4pZJLB
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adnxs.com/ Name: icu
Value: ChgI1KhyEAoYASABKAEwzOG5lAY4AUABSAEQzOG5lAYYAA..
.adnxs.com/ Name: uuid2
Value: 2845700939026239408
.yahoo.com/ Name: A3
Value: d=AQABBMxwjmICEDLbGl0kM5Ywdh9tuYO0tQMFEgEBAQHCj2KYYgAAAAAA_eMAAA&S=AQAAAlhVjuIm5WD9jxFpkh5Pb7w
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 547BA096-D4C6-421A-9C96-D65B5838EB70
.doubleclick.net/ Name: IDE
Value: AHWqTUlEZ1n5UlGnWqi6oU-vJ2mfhwEWcobMjrtgb8mydSbHOPrMTidxCeeJYLbOuVA
.pubmatic.com/ Name: pi
Value: 161044:3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFfXIYWhXw7oyOfH2DXFGMo&KRTB&16514-CAESEFfXIYWhXw7oyOfH2DXFGMo&KRTB&23025-CAESEFfXIYWhXw7oyOfH2DXFGMo
.pubmatic.com/ Name: PugT
Value: 1653502157
.pubmatic.com/ Name: SyncRTB3
Value: 1654646400%3A13_220_21
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.simpli.fi/ Name: suid
Value: A665BE63FDF943BFA2E6608A5036B9CB
.zeustechnology.com/ Name: __gads
Value: ID=345aaa4d54c74efa:T=1653502157:S=ALNI_MbR4sL5mF5WKSPjzxrXORRAaOD8qQ
.doubleclick.net/ Name: DSID
Value: NO_DATA

3 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3d56026a4609568943187b9a88d1e075.safeframe.googlesyndication.com
ads.celtra.com
adservice.google.com
adservice.google.de
ap.lijit.com
cache-ssl.celtra.com
cdn.adnxs.com
cdn.ampproject.org
cm.g.doubleclick.net
do69ll745l27z.cloudfront.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
googleads.g.doubleclick.net
graham-wjxt.zeustechnology.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image8.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
track.celtra.com
um.simpli.fi
webc2s.pubgw.yahoo.com
www.google.com
www.googletagservices.com
104.92.100.195
142.250.184.194
142.250.185.162
143.204.98.74
151.101.193.108
159.122.14.34
162.248.18.11
18.156.107.10
185.64.190.80
2.20.157.55
204.237.133.116
216.52.2.39
2600:9000:2315:da00:11:99d8:dfc0:21
2602:803:c004:200::141
2a00:1288:80:807::1
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4014:80e::2002
3.67.119.217
35.71.131.137
37.252.172.37
37.252.173.27
65.9.63.83
035a862ce3d6630dd76876ef5ed7b94d8d24b352317e462faf4e3142dd51b8d0
051bb85e68ca53dc8e7b923e1ff98f5f59d389c05eeaaedc3db14138389f45d1
0c47e2e777f3111599b220688e217c8dcb5cea4f8b06dc19dc70cc2034823d7c
121902ea384864e38ddca39e216b5b15b4702c073551024862dd4e3837a50e4e
1578ef0ae88c2367a41842db85d428b44c1209c07ac4a2ca64084633e0a1f24b
15d222a92fe790e2db4470243fa0489abe0fdb4c8ec9340af215b99241aed884
1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9
1d5968dfaaaacd03735fbf41e9cb7add2e18f1d2f1e99e2b5c66107d2056b13f
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
2a3e3202cfaa31ea0d64c44c856d1578cac15b98a7554a530a69bd007f33cb04
2fb6384a0d34489b2de325aaabc88dfb3493c941f0018532fbb65def9fac2756
3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
382d4501beb8731af26083ba2b930c569355b8ec054f9ca9e21fd07dc6fa8003
4112041e287115b688eeb2bdcf753054eab528a42b47451f58f11afc3e39547c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4cd9dc48f529174f1c5240d963a4a4f3c7e48d9d4908607e02daecfbf1b6f050
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5be03e5167b4673dda37498b0fbadd6c5d70c7731006e326ca05ecb9c567ee28
5e2187082ebd5835ca3a23b660f3389a96fb94ac5c039352d08ef65f9127e55b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f0d90cfdb3d5e71f890d7d3b1be97491b49b170e6573fbd3e09e3340720cfd
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
739b900cbaf4f473a90f3f4dae1b088418ef46cff0e7918a379a065dc68c8df6
757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701
77127ee6b7169577d071cc806cc157598e7d86b1d4d99835d6c69558aa02808c
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8610ccfc3124d7e6c1519fe8525fe296f9add00c225c4a00a1bfde6da46a10a3
88ddf9583a3464bbc090bc64d9c9b82f0d837876105de35231fcacd9adced8af
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
93810046cf5293dcb79678f9e2301587886e4944044b113f03429b5650ef02c0
9386475565ffbaa9a41d4d643cfa2a895c1f64d557ad5d3f4e299716d737f5eb
96bbc47553023cf5e1ecb4402817aa64cd42534758a99f58a131387ec98b8dfc
98803d362dff83f33ffa04fd5aab706abf7bdde4cc789071559200a0d04570b3
9ca291cfde4b1a33da8b095a8b883c6686cad4d82cbfeec60719db85a17df7d7
9d68a98ebdb1951fc93600a2bf139a10de4c4960084b49b1cec28a0eba73d0c1
a0a47fdff8a5780429739613615fd99bff0f7dc9f2f98e643ef1662645248560
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
adf2e17fca13bd3d731209ed1aedc8f33eda350e8456ce2a32e62577d776d574
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2
bb56bd05bb88097b0f4bc9beacb2c1a00fad3186c12f0d9e222ae699f11850bc
bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f
bf08eed2f136956a7c9eda1dfcdaecaa35de43974e1116dbf381240de2e96711
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c83f52a7741dec7d418b154516fe739884d94aab93d539d041fb710b27882c16
c8f4fb8fa18fa71de65cc75e58e343c49fa6aed7e75046d1482bb9920c17d51d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d350cd3c1e1805977e3c9cd865c588fb33f853d94e07e59530a5417bcbd2245b
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db0d710a580dc90764c4f5f253d734e6c8e5f938ebd12a62fb95b34ba1e06535
e2cade44345876eb5a25dd039211d441584dfa3db6b43d2c60b7b311b7d5a35e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9fbcdf651a938d0c3ddfe6a72dc73cb13473ef40fc9783d7f470981324b2294
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04c12be1ce18ec284f153f56dddc99cf40dca5440ec6e401359b86a0c90fec3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615