otodiva.com Open in urlscan Pro
2606:4700:3034::6815:1bab Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Effective URL:
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Submission: On April 19 via api (April 19th 2023, 11:36:10 am UTC) from US — Scanned from DE

Summary HTTP 159 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 30 domains to perform 159 HTTP transactions. The main IP is 2606:4700:3034::6815:1bab, located in United States and belongs to CLOUDFLARENET, US. The main domain is otodiva.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 13th 2023. Valid for: a year.

This is the only time otodiva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:a996	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	2606:4700:303... 2606:4700:3034::6815:1bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
9	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 7	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:321a:b7de:60de:298b	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.210.125.176 23.210.125.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	3.9.84.205 3.9.84.205	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
2	18.130.95.23 18.130.95.23	16509 (AMAZON-02) (AMAZON-02)
159	35

1 2606:4700:3035::ac43:a996 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

otodiva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:3034::6815:1bab (United States)

ASN13335 (CLOUDFLARENET, US)

otodiva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.74.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:321a:b7de:60de:298b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.125.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-125-176.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.84.205 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-84-205.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.130.95.23 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-95-23.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	otodiva.com 1 redirects otodiva.com	1 MB
24	criteo.net static.criteo.net — Cisco Umbrella Rank: 763 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9652 csm.eu.criteo.net — Cisco Umbrella Rank: 6433	284 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 ad.doubleclick.net — Cisco Umbrella Rank: 201	39 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	271 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 23943 ad4m.at — Cisco Umbrella Rank: 9478 assets.ad4m.at — Cisco Umbrella Rank: 31150	522 KB
9	gstatic.com fonts.gstatic.com	240 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	2 KB
5	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 15646 api.webgains.io — Cisco Umbrella Rank: 40158	31 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12727 ads.eu.criteo.com — Cisco Umbrella Rank: 6413 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 7993	55 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1703	458 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 908	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 77547 static-de.ad4mat.net — Cisco Umbrella Rank: 111741	4 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	98 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	132 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 21883	2 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 61533	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 53210	438 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 53598	262 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15474	702 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	463 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	717 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1020	544 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	602 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	3 KB
159	30

	Domain	Requested by
46	otodiva.com	1 redirects otodiva.com
13	imageproxy.eu.criteo.net	ads.eu.criteo.com
10	pagead2.googlesyndication.com	otodiva.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	static.criteo.net	ads.eu.criteo.com
9	fonts.gstatic.com	fonts.googleapis.com
7	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com otodiva.com googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	www.google.com	otodiva.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com otodiva.com
2	api.webgains.io	analytics.webgains.io
2	ad.doubleclick.net	2 redirects
2	sync.teads.tv	1 redirects
2	image6.pubmatic.com	2 redirects
2	c1.adform.net	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google.de	otodiva.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	otodiva.com www.googletagmanager.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	www.awin1.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	otodiva.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.googleapis.com	otodiva.com
159	45

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
gadgetdiva.id
traveldiva.id
gizmologi.id
gizmologi.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-13` - `2024-02-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 12 frames:

Primary Page: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Frame ID: 622768F193F33D9AD8E3BD789D4905F7
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html
Frame ID: F3D7A82E13B340367234A659EAC9A9D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&adk=1812271804&adf=3025194257&lmt=1681904161&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681904161644&bpp=4&bdt=1681&idt=194&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8669149600763&frm=20&pv=2&ga_vid=493008130.1681904162&ga_sid=1681904162&ga_hid=1645194008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C44759837%2C44759875%2C44759926%2C42532185&oid=2&pvsid=1222634675579513&tmod=635692072&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=228
Frame ID: 8341A4F91A135FB9880BA9C63FF3B122
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Frame ID: BC3A02D6B6BF015C76D92B61ED36A968
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZD_SIQANvo4JHUMOAAAiWtpez0z6M7MKzFpBMQ&u=%7C775fAfJMwZTFh3Paiy799Mh1yl%2FoicnjPZGDPZYIhEY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qThvn7Ai3s4nNMfTzEVAkD9Q4M_K1CnPg_F3CouNxzPhPXxSHxiN6aZETKfGXVrHP-C8FtAXjiRsokCfOpQV7lOQE4J2dQea7mQ5ODllXGCBdwJH4LMEn3EFzl2WHtZkZROwZNFW-YqK5f7lgJ4nMxrtLsKUE5raAQhizowmw3Vzm8unDn9yXibVc1NTFjvTEDUlR2qDYZsvybDJREFxE9Otns6BgioX6Ox3yyOaEpOeb7G6BYn7-nyBL4t4d7bFqZGxHKZHCbP4eC1lkYzeZhOoy--cly7CCuLi5EDMP8baj-qmfWVEskTpUqg_eBIBZ6y0NwQNpngvjbNLyZP0vyBEySQhpf5Tpl21UQ02TB77xKoiwIjN079tgyn0wi5jQAfn-fqWEHt7K49rKDScAevvdp531maaAD-h4YJttVEq3oTyXgTOBnWFbDznugXTCA-sNjAIaMKf1hqPBahChQnDuTlqIyfi3tgDPoZuyXris3zo-2CR69PU2unGy1x4YHHzS94A4k-CjsTjphRXFIS&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDYsCIdI_ZI79No6G9fgP2sSAmAnJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NDk2NDAwNTI4MzYzMjTIAQmpAhFH6ZDxZrI-qAMBqgTrAU_QjlI0yEVYbOB0FrYqXNq8eEMU58JGBGcWs-YC0LXhmNrdv16mc8gM0PptNJ-5RUTfEPDS8Ys5CbrNL2I3yNB7_eOLL2RPMAN2QCnHjo5T1GHKBISZAEZ0bZ8xraeiYzIPtbLrTxoqW3scT6aRW-5OgfIpFgQW39CfCuoKIDMf0koH9U_zBUJb1DrWwidmU4o9PgpQJ_31Q7_9Z1BSzXXCrs2aKW7bjV8VgluHURNy9i_LSL5Os8YrW7ieNJsBm2Dweq-jFidsbQErqmQ3o1o4AqoxP7-BtStQrQh-7aLdVhwiBvC-nkTb6xOABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3brLoHUt63Vh-t1F90yf2MrK_eaw%26client%3Dca-pub-5949640052836324%26adurl%3D
Frame ID: 847802459D68FB592767461D851EEB8D
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=90&slotname=2863858251&adk=2398503812&adf=1183505835&pi=t.ma~as.2863858251&w=728&lmt=1681904162&format=728x90&url=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681904162953&bpp=2&bdt=2989&idt=2&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba9d1d706eb74bb0-22fbdd2e9fdd0005%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MZCtg48KIieZivJeOJmgS1rWPGVsA&gpic=UID%3D00000bd82b6da175%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MYBiT-n50zk-cvrrEm2XFJNC8Rx9w&prev_fmts=0x0%2C1005x124&nras=2&correlator=8669149600763&frm=20&pv=1&ga_vid=493008130.1681904162&ga_sid=1681904162&ga_hid=1645194008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C44759837%2C44759875%2C44759926%2C42532185&oid=2&psts=AHQMDFeIBO6NtcrPVW5HCN-KLZOWQHZ4wrj7nFqv1xWCFZBeJyKCfl-JVEIxjv5pKBI-zbSuALPcL2S2FkecRXLNfq7FaufU9I1tdnPUres&pvsid=1222634675579513&tmod=635692072&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0EGeRu6X4Q&p=https%3A//otodiva.com&dtd=8
Frame ID: 5875CA30ABFDC03E882875C304B22AE3
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jpyxp762gbftcmqnqd8g821q0r2kyfj1tb4wkex4e3metwzn6bvnvj1s1bba6wvgktn9kg6wg16mr66kz2d96ajbdyc1fqt6z0r21gp14t30jan6p6y9bcqkye77v2z7s4dknhqsz847gktq9ns9mks9ykf6tk5xvm6r0jdryght9gdfjb3pyej4sawtecqw7tj9nj3r78k34vcv03sem94zqgm07345dav4bbtqqcaprbabvc45xdqg185zt12e4f2xynhbfys5rqdc9jkebjyqxzmb69nw162hk56j125s6aaz4bxvf7f1gnzy79jxzk2wmkzbcwac1f3v6wc2e6dsecmw6thpbws28hdsqdfbkb18hrcjg7qsb0a9yjaja685nvdh90vycc00venawd453hk1nkm8pb2xnw1scay9bncyfrsk5mmevfdnd5gpsb58za8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%26client%3Dca-pub-5949640052836324%26adurl%3D
Frame ID: AB49541C72C553F23999A8F6A339FC80
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C70AFD84E0E62DC301FBEE6D1D324AF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B059BB15647AB26739584EB60BBB9A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED0E3407B3E7402CF89445716CA51824
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 73E57C4BE6B2A21B68C447A0725B7E09
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Frame ID: BD481DC964D094D6395F0ECF1551434B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Not Found - otodiva

Page URL History Show full URLs

http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card HTTP 301
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

159
Requests

96 %
HTTPS

62 %
IPv6

30
Domains

45
Subdomains

35
IPs

7
Countries

3008 kB
Transfer

6336 kB
Size

18
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/groups/otodiva/

Search URL Search Domain Scan URL

URL: https://twitter.com/otodiva

Search URL Search Domain Scan URL

URL: https://gadgetdiva.id/
Title: > Gadgetdiva.id

Search URL Search Domain Scan URL

URL: https://traveldiva.id/
Title: > Traveldiva.ID

Search URL Search Domain Scan URL

URL: https://gizmologi.id/
Title: > Gizmologi.ID

Search URL Search Domain Scan URL

URL: https://gizmologi.com/
Title: > Gizmologi.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card HTTP 301
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELyPPcc_1X_dwIjzPs_Gs6g&google_cver=1&google_push=Aer7DvJN8R3yxBJQJcmNQtcjw4eyihbp-bByIoA53CTJ38q_J12j6IxIt1oy2Tpq9nMorRx_H1UwBcl2f3fgXEMJrMoh_IXjt-p4Vpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELyPPcc_1X_dwIjzPs_Gs6g&google_push=Aer7DvJN8R3yxBJQJcmNQtcjw4eyihbp-bByIoA53CTJ38q_J12j6IxIt1oy2Tpq9nMorRx_H1UwBcl2f3fgXEMJrMoh_IXjt-p4Vpw

Request Chain 117

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI3kQCbK0e-xZU8OtdpHGhE&google_cver=1&google_push=Aer7DvLgnaUP69dVOSWA4F6lKthW7GvLfMQW0OM9XsyL61XhOHAR0jxHvO7xHv57X8hW6Uv_gwdOb2XC68fd8tFzC3GdkIqBYZ8fr4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLgnaUP69dVOSWA4F6lKthW7GvLfMQW0OM9XsyL61XhOHAR0jxHvO7xHv57X8hW6Uv_gwdOb2XC68fd8tFzC3GdkIqBYZ8fr4U&google_hm=eS1fU0dLZkJSRTJwR2N6eklJSThsYkI0NkZwUFdsOU5UUH5B

Request Chain 118

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA9alINSqepsqwWIDpdwziw&google_cver=1&google_push=Aer7DvK1EtcPAoNBU-Cw5zvgZyiX7CV7rxBqDvL5WRxxqvSY_7FRyyeu-I-qWmNDbHg-2yVb1Y_TMVo5oFleUITfnp80KXq3BhciyQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA9alINSqepsqwWIDpdwziw&google_cver=1&google_push=Aer7DvK1EtcPAoNBU-Cw5zvgZyiX7CV7rxBqDvL5WRxxqvSY_7FRyyeu-I-qWmNDbHg-2yVb1Y_TMVo5oFleUITfnp80KXq3BhciyQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0OTMzMDg3ODk5OTkyNTMzNA&google_push=Aer7DvK1EtcPAoNBU-Cw5zvgZyiX7CV7rxBqDvL5WRxxqvSY_7FRyyeu-I-qWmNDbHg-2yVb1Y_TMVo5oFleUITfnp80KXq3BhciyQ

Request Chain 119

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIk6ykUwiwrSkf86l3QYTCY&google_cver=1&google_push=Aer7DvJQD6AOosweEjubamp9JTAAz0RjA-4rG_hn7O0vrgbdnAImj1-3-IeY78r17mA96jUtDYySeDMsCWhtovDtBjFWafmRrS6WC78 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIk6ykUwiwrSkf86l3QYTCY&google_cver=1&google_push=Aer7DvJQD6AOosweEjubamp9JTAAz0RjA-4rG_hn7O0vrgbdnAImj1-3-IeY78r17mA96jUtDYySeDMsCWhtovDtBjFWafmRrS6WC78&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wjOQF9JAQ_i1aMkUf6LQkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJQD6AOosweEjubamp9JTAAz0RjA-4rG_hn7O0vrgbdnAImj1-3-IeY78r17mA96jUtDYySeDMsCWhtovDtBjFWafmRrS6WC78

Request Chain 120

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDXEhvgjsWRTSwb3mAQgehY&google_cver=1&google_push=Aer7DvLyPOGsa6zU2Q-qT0TIN2G86SWrORRfNaRDHvlpvuSGcvUAJ6H--ShU_FdN18TDPn2sUsROy8NQ9d91vsFWsCtw74X8VYwjMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdOTUJBM1AtMjItR01MQg==&google_push=Aer7DvLyPOGsa6zU2Q-qT0TIN2G86SWrORRfNaRDHvlpvuSGcvUAJ6H--ShU_FdN18TDPn2sUsROy8NQ9d91vsFWsCtw74X8VYwjMQ

Request Chain 121

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEP-6PveuM5ZrAIZ3f60-UEc&google_cver=1&google_push=Aer7DvKWttxwHMxrdihli-_zCvZk-em2l_nbfHYWKd0Vlyw_WuZNoG4hNXhLEvgcbNVjpnb1gKg94h27BsgpWzSe3n9EAq0VWtQAoQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvKWttxwHMxrdihli-_zCvZk-em2l_nbfHYWKd0Vlyw_WuZNoG4hNXhLEvgcbNVjpnb1gKg94h27BsgpWzSe3n9EAq0VWtQAoQ8 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 148

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CP3p46Httf4CFcaB3godi-IAVg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023041913360384076032895X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023041913360384076032895X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218

159 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request viewtopic.php Show response
otodiva.com/ip4xl/
Redirect Chain

http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

207 KB
25 KB

6026ms
5991ms

Document
text/html

2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249593749e31df1873df323187de6ce30bdfc0eb98d0703884a97e8c2ca6b361

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7ba4d8c24e963625-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 19 Apr 2023 11:35:59 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://otodiva.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Dfes9JzJPjj5khrd%2B0UNOYZo107L0mE0PLemdmY0YCpvFORtc7EFMaPBvg4MDmwJI%2BefpyZGB58hddU3wcfcm%2FwGRV18khCunjn1M2kWXIJUYJyGQD9aC616iKW29g%2B3TE2VpmTWHW1%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-two-cache-date: 1681856626
x-two-optimize: 1
x-two-optimize-reason: Page id not found
x-two-page-is-optimized: 0
x-two-version: 2.17.21
x-two-webp: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7ba4d8bed8823828-FRA
Connection: keep-alive
Content-Type: text/html
Date: Wed, 19 Apr 2023 11:35:53 GMT
Location: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BxYDMsqEByt9LLEtkMINprXTD1pkHQCsyUhuR3XKHtAx2byi%2BoFxc6JmLLTBHVjh7t%2BZNggpzFeY0NyswTkjxrOnCZyAGPoSt5WkT3oKV92HwYzz11FGcIkX7vNcz1cmvTYVBXtoJWlUw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
otodiva.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 1030ms
1026ms Stylesheet
text/css 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 16:14:17 GMT
server: cloudflare
etag: W/"64304159-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AowBNx43O3BoUd4m%2FBhtxRcwJ8KGBV3C0CYyWjLCYLFIv236wavSFMqjIKyzQwPEM8g9CyiZrw3j8KZH7mPo7mJTWQdT7%2Ftj3D0PCJvrwKz3IPGJIoLN2NN8WieWVqq%2B2JLN3rRIeH7Spw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7ce103625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 classic-themes.min.css
otodiva.com/wp-includes/css/ 291 B
652 B 775ms
772ms Stylesheet
text/css 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 16:14:17 GMT
server: cloudflare
etag: W/"64304159-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXlJUbo7Jp9%2FbhmBNO339oCemPZEDpwDn26M03YJpW2MDCea5PdBOsysikFPFTEj6fhXSWBK79HFJgDEy9jYEcO0jTw28irIPUVdHrwl%2FfbUBTZC4pMvMS6GFfggSE4ZfJUsTr%2BdWjQjJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7ce0c3625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 style.css
otodiva.com/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
5 KB 781ms
778ms Stylesheet
text/css 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=969f3bb4333afe45565e713582b6de14

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:55:31 GMT
server: cloudflare
etag: W/"63da2903-92ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ml85plVGBJYCRiK5wtMOlfp%2FWvUePZEoQ8Km0PxXoT%2BRKNXVoobsAz9OpGQCaqCA6KHljfBkVqQlY5h0KzE48XDgJSneIZwUFajDwB%2BGbByiso9Lw%2FaA3uhODSAvnTc%2FybW%2BsXP7NWsQDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7ce0e3625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 98 KB
3 KB 147ms
55ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Sans%3A700%2C300%2C400&display=swap&ver=12.2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3870ef7428d7015e6ad76607ead8663e58f9e3a794e2bd196bd8a491871c3cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://otodiva.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Apr 2023 11:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 11:36:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Apr 2023 11:36:00 GMT

GET
H2 200 style.css
otodiva.com/wp-content/themes/Newspaper/ 149 KB
26 KB 1083ms
1080ms Stylesheet
text/css 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/themes/Newspaper/style.css?ver=12.2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99b17728d81082e7a6e0f8ed2f61b8bb249f1b08c8fe07e9503c18f12a8d797e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:44:58 GMT
server: cloudflare
etag: W/"63da268a-25410"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GP4rrwIRkfvJ7mRIV061PoWoC2YuwPezW8XlboA2EUscccx6i66zaEyYXJDpiR4%2FGgQUzvwLgVQJSfph5ICuUBERm0rEwKUU9bPST2Fo184SwavEvjXWYckHwIlOTye4XsBKJloUFGuNHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7ce113625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 td_legacy_main.css
otodiva.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 161 KB
25 KB 1072ms
1069ms Stylesheet
text/css 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=969f3bb4333afe45565e713582b6de14

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

690b96d2559591f91a037476ec10a31fa8c92fcccd97dd48136223cfb70e6299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:55:30 GMT
server: cloudflare
etag: W/"63da2902-28238"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MA660ns20rnd7e5SGCf7lefYKQjnRQ6rMwuevjkW0MV09Pj2bU2Mwj6%2FVTrwsyQ1pMdLtity5IKVzi1X2ZN%2B1d%2FIktgNQ%2Fc1jp0YS3B0vVbbgOsU1Uw4MNE7uuwr3%2F4rVxp67KCl0KPpTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7ce173625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 td_standard_pack_main.css
otodiva.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
64 KB 1354ms
1351ms Stylesheet
text/css 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=7b24cfa58e9ab053c98d141038fd6ac7

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:45:50 GMT
server: cloudflare
etag: W/"63da26be-b2d2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xq9TBadgh0qHjr%2BMYLqP9WEJajctvFtP9LPcOlT4SfAL3Kz%2F4B3jOJSmgwbykcOZzpMXuKWnTnmIEHGHPU4PMSzfxCw1vj4N%2BQshmpb7gEXNRUOKASrLF%2BMlSzFRJcV%2BijY5bp4loEEPLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7ce183625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 demo_style.css
otodiva.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/gossip/ 914 B
610 B 822ms
819ms Stylesheet
text/css 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/gossip/demo_style.css?ver=12.2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e76fc56db6a781f7f604b281948d4be6115b7fd1f95d0abc05ca22ec594f8b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:55:30 GMT
server: cloudflare
etag: W/"63da2902-392"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ph%2B915JIZrXCfbvmPy0VzCMGvCNqniT7Zt6JyMwAOrawiUFSPfZBNhi8waz9%2FdN2p6zNO36JN0pw7L2phDuhjSIpRYnUfTst0znsvnzeX4Vl03xadc6dDPmMMgmzxyyUrLeS5KcBy1s1EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7ce1a3625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 tdb_main.css
otodiva.com/wp-content/plugins/td-cloud-library/assets/css/ 34 KB
6 KB 827ms
824ms Stylesheet
text/css 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=f41b1d596d81a0ab113b1f85139ed2c2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:45:15 GMT
server: cloudflare
etag: W/"63da269b-882f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqfYaPmaS3dNaxdbi%2BS3GJKqIpwwA1%2B%2F%2FWmqHbDIvOrZZ6WxZfjlJheBfvDxt43d%2BhU8t6aYXv5s2P0273hE%2BhGNAcLC4wfHXkTwBy4rswF%2BCOjuDgWIVGPfCtfrZHW5W0W9eRunULiVpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7ce1c3625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 jquery.min.js Show response
otodiva.com/wp-includes/js/jquery/ 88 KB
32 KB 1094ms
1092ms Script
application/javascript 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 16:14:17 GMT
server: cloudflare
etag: W/"64304159-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aGM6TY5h4UUxmStbzLsUVwi555IIQmlihvaHuAd0RyWZyuyuUIg8M%2FEgKRw6AVQslkAlEcejrpbh9NP8gHJ1RDRp%2Flduv5ZPcyMOTZGcaoPApaAPgzRit2ahAuunKC%2Br%2F1KEj0NwfdXwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7de2a3625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 jquery-migrate.min.js Show response
otodiva.com/wp-includes/js/jquery/ 13 KB
5 KB 776ms
774ms Script
application/javascript 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 16:14:17 GMT
server: cloudflare
etag: W/"64304159-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhJh4JDEanXhpSKwtsF9ba3ao%2FwMLn3S3KhcUPzRYIhG%2FhVndyXrrYwa3skOnvuGT9Ej%2FADdk7Gf8P0HgrOosBVXueyTYtY0SRjZC1%2B5WcN7ohDmwWVvaZpbvL614fOFT02PwyJr8EsrWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8e7de2c3625-FRA
expires: Sat, 13 Apr 2024 11:36:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 143ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9fcd4d63b97ec18ab2e89c66e859401dc79e525a677325c1032443b258f363d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61599
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Apr 2023 11:36:01 GMT

GET
H3 200 wp-emoji-release.min.js Show response
otodiva.com/wp-includes/js/ 18 KB
5 KB 804ms
803ms Script
application/javascript 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 16:14:18 GMT
server: cloudflare
etag: W/"6430415a-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVPB7WaaA%2FgJJrstBN%2B1C2XrDzz61mQjuqVZZiJrDDxmWeNFCX39%2FbXY987wi7foVjh7stO6icL3Wjy3izndXe%2FjCuTwgj1%2BHsGFHdzRATbjXgpzNmO9JndJPo0KxHY8r6xoGRopuodnpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8f07a2b373e-FRA
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 213ms
130ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa5dbe24fc5509da2371a56742591f7e7e888f68fb1be322a060ccd4c187a2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47897
x-xss-protection: 0
server: cafe
etag: 17517615501065500786
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:36:01 GMT

GET
H3 200 logo-otodiva-mobile.png
otodiva.com/wp-content/uploads/2019/12/ 4 KB
5 KB 777ms
776ms Image
image/png 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2019/12/logo-otodiva-mobile.png

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c8fbba5bac03e68ca24cb053b2552548375646d09a0273223ba8080d81498af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4442
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:25 GMT
server: cloudflare
etag: "620e1665-115a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebSKMdssSdWPA0ENVYoeSqLLn2Y7rTUtds0FO3j4n823b%2BDPt5IYEcQ4fhb2pO2FIJFu0CVypB3nqipkpxnrib%2FhTBp7pZ6O%2FA7RK0l9DexOUs9It8v2foiRJqLu2WKmdBaCs7Wdryt5Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8f07a2e373e-FRA
expires: Sat, 13 Apr 2024 11:36:01 GMT

GET
H3 200 underscore.min.js Show response
otodiva.com/wp-includes/js/ 18 KB
8 KB 780ms
779ms Script
application/javascript 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-includes/js/underscore.min.js?ver=1.13.4

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Feb 2023 10:03:01 GMT
server: cloudflare
etag: W/"63f9dcd5-4991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55ybgjIYvdJDmTWo5FkonhZuoGigNrfbIjoYb5Mxq7AOzIPL%2FdUo3AYiYfLnI9E7h%2Bq8mPTh6rKl433mD5AQ4JmAP5Nzf5o5MOk3s4QV3mGKjs0FPfNZlWGIo2ltcWYc3EsQAoTAcuyyDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8eea812373e-FRA
expires: Sat, 13 Apr 2024 11:36:01 GMT

GET
H3 200 js_posts_autoload.min.js Show response
otodiva.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
3 KB 766ms
765ms Script
application/javascript 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=f41b1d596d81a0ab113b1f85139ed2c2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:45:15 GMT
server: cloudflare
etag: W/"63da269b-14e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rrmy%2FqhjstlDtVcEitkT1Wxk8HPLQfio0QbiQUD6zbKG18CddKf9aXOKTTwL5GzZ3rYVMIquFtwQWkCaJ2lEplLI0eEi0gjD%2Bjk%2FhaLB9Kbog3ivcovyxkddH7g9yR05yXS%2B%2FOV8n93WOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8f049f2373e-FRA
expires: Sat, 13 Apr 2024 11:36:01 GMT

GET
H3 200 tagdiv_theme.min.js Show response
otodiva.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 301 KB
73 KB 1323ms
1322ms Script
application/javascript 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:55:30 GMT
server: cloudflare
etag: W/"63da2902-4b207"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LOi23ghyBjSwM2aDUv2XNexhb%2F3odMqsEuAhxn%2F%2FAgzhnoyf8%2FCiNnyY67Apo1kPAy0pLdWGH7HnMZtO9o5Q%2F1s3aVjpeX4cZpAYtIsoTsuV2fUxnBlMG4WDZcSZ4S6pTVZ96IZdC8xSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8f07a29373e-FRA
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H3 200 js_files_for_front.min.js Show response
otodiva.com/wp-content/plugins/td-cloud-library/assets/js/ 183 KB
45 KB 1245ms
1244ms Script
application/javascript 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=f41b1d596d81a0ab113b1f85139ed2c2

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195cc8d1cc568e2ad7f92ec4d0ce8fb785476f79d603a785c542ec16ceaacf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:45:15 GMT
server: cloudflare
etag: W/"63da269b-2dcbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvnXJQvddFAFj2q0aoLOUsBzAvmPVPPsTRPJXUPh9wkhr0W6BJn4jqlse7aBFKTU2%2FrHn4Wxxf4cA4cHDAveHy4CvrO%2BDeJfRpUdPurfX1mrzUD%2B8QQB%2BW29aBW7x9o%2Fh4iR%2BGyc96Cukw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8f07a2a373e-FRA
expires: Sat, 13 Apr 2024 11:36:01 GMT

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1.jpg
otodiva.com/wp-content/uploads/2019/11/ 74 KB
74 KB 1279ms
1276ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2019/11/1.jpg

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e39f152f8116a53dcdb917dbd0d6ffaea88999842e7cbf87edc487a8cd28f105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75586
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:25 GMT
server: cloudflare
etag: "620e1665-12742"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA01q4Cdog8%2FaYkkS2ByrfX7MYMV1eV0eHRr8VKuHhxfaLUajnav%2B4nZgbbHHA%2BypaGhUGdUox2kL8C8bg9gR0iX4J6XM6joPy6RRbUb2PFXVchhr0CgmpjsggzQsTRdjBz5Fq%2Fqynq7UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8f0aa65373e-FRA
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H3 200 newspaper.woff
otodiva.com/wp-content/themes/Newspaper/images/icons/ 33 KB
22 KB 1023ms
1020ms Font
application/font-woff 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221

Requested by

Host: otodiva.com
URL: https://otodiva.com/wp-content/themes/Newspaper/style.css?ver=12.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://otodiva.com/wp-content/themes/Newspaper/style.css?ver=12.2
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 08:44:58 GMT
server: cloudflare
etag: W/"63da268a-82d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Fr4olPDwZspc45ZgchIJQ%2FzJaPczPAoMqg5S8P37rzi3i6cIHR2orizZN8xTJRZ1cUi9FRpIxHNAn0RP8d%2BMMCzehDnVbR0Kk3MUK81TNBYvAb99%2FEoub9od3ert4EakKmKkZFMGAZ0ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31104000
cf-ray: 7ba4d8f0aa67373e-FRA
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 23 KB
23 KB 229ms
141ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Sans%3A700%2C300%2C400&display=swap&ver=12.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:36:54 GMT
x-content-type-options: nosniff
age: 89947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23724
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:36:54 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v16/ 22 KB
22 KB 201ms
114ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:19:42 GMT
x-content-type-options: nosniff
age: 62179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22592
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 18:19:42 GMT

GET
H2 200 va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2
fonts.gstatic.com/s/firasans/v16/ 23 KB
23 KB 184ms
97ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e895de4f58ade3e9cd2db4dcd61eb030c4d4f85274622bbb23755a34c41b870e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:14 GMT
x-content-type-options: nosniff
age: 120887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23488
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:14 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 124ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:18 GMT
x-content-type-options: nosniff
age: 90283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:18 GMT

GET
H2 200 va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2
fonts.gstatic.com/s/firasans/v16/ 24 KB
24 KB 244ms
158ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0430beb254891a46106c24d7bd556893899b3417501cf55a9315f1dd9a07fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:38 GMT
x-content-type-options: nosniff
age: 120863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24712
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:38 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 207ms
129ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 01:12:38 GMT
x-content-type-options: nosniff
age: 123803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 01:12:38 GMT

GET
H2 200 va9f4kDNxMZdWfMOD5VvkrBiQyf4VFk.woff2
fonts.gstatic.com/s/firasans/v16/ 23 KB
23 KB 198ms
149ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrBiQyf4VFk.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aca81375388e5168a0b776be758230812de2b740677dfad7a33e18e007669b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 12:08:31 GMT
x-content-type-options: nosniff
age: 84450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23224
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 12:08:31 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 186ms
137ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:18 GMT
x-content-type-options: nosniff
age: 90283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 125ms
76ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 90290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30e042b99cb3bcd6aa503cb7a43efadd97d3670993c850c01d5fdfbc6b222661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Apr 2023 11:36:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Apr 2023 10:11:32 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5069
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 19 Apr 2023 12:11:32 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5949640052836324&plah=otodiva.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca45ddecb9284a53b3a937f3675777c7fd93569896eaaa043c7f0be96e5f0af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118943
x-xss-protection: 0
server: cafe
etag: 10426029684029817556
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:36:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/ Frame F3D7 10 KB
5 KB 115ms
35ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 15:47:46 GMT
etag: 2378337311435320485
expires: Tue, 02 May 2023 15:47:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 51ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LY8D8YR8N2&gtm=45je34c0&_p=1645194008&_gaz=1&cid=493008130.1681904162&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1681904161&sct=1&seg=0&dl=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&dt=Page%20Not%20Found%20-%20otodiva&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 57ms
19ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LY8D8YR8N2&cid=493008130.1681904162&gtm=45je34c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 138ms
58ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LY8D8YR8N2&cid=493008130.1681904162&gtm=45je34c0&aip=1&z=1379153754

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
142 B 43ms
42ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1645194008&t=pageview&_s=1&dl=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20otodiva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1420328302&gjid=1871890708&cid=493008130.1681904162&tid=UA-109987058-3&_gid=1003568925.1681904162&_r=1&gtm=457e34c0&jsscut=1&z=829140185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://otodiva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 36ms
35ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1645194008&t=pageview&_s=2&dl=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20otodiva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=493008130.1681904162&tid=UA-109987058-3&_gid=1003568925.1681904162&gtm=457e34c0&jsscut=1&z=881315038

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 03:22:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29617
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-109987058-3&cid=493008130.1681904162&jid=1420328302&gjid=1871890708&_gid=1003568925.1681904162&_u=YCDACUAABAAAACAAI~&z=1733186232

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://otodiva.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Apr 2023 11:36:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 141ms
59ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-109987058-3&cid=493008130.1681904162&jid=1420328302&_u=YCDACUAABAAAACAAI~&z=1347663024

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
58ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-109987058-3&cid=493008130.1681904162&jid=1420328302&_u=YCDACUAABAAAACAAI~&z=1347663024

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 124ms
45ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=otodiva.com&callback=_gfp_s_&client=ca-pub-5949640052836324

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5949640052836324&plah=otodiva.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2067e7c7ca9c94e85bf58c2471a1e4e4eb6fa98434c4db24b2eda9da4a0c49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 168ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=otodiva.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 125ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=otodiva.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8341 49 KB
15 KB 390ms
389ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&adk=1812271804&adf=3025194257&lmt=1681904161&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681904161644&bpp=4&bdt=1681&idt=194&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8669149600763&frm=20&pv=2&ga_vid=493008130.1681904162&ga_sid=1681904162&ga_hid=1645194008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C44759837%2C44759875%2C44759926%2C42532185&oid=2&pvsid=1222634675579513&tmod=635692072&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=228

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887c12b910a8bbafc210fcefc731e2a5578a8418ffd1c9b7b5e05d56d7be298e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 11:36:02 GMT
expires: Wed, 19 Apr 2023 11:36:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f186056cb772ee11e76e908eb01d3e3911f8aaf1e9489533f1e7ae98c9c8a6a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52058
x-xss-protection: 0
server: cafe
etag: 15663420955365684637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:36:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 45ms
43ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=otodiva.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 45ms
44ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=otodiva.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/ Frame BC3A 10 KB
4 KB 37ms
36ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 20:04:46 GMT
etag: 2378337311435320485
expires: Tue, 02 May 2023 20:04:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC3A 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca0uIIdI_ZI79No6G9fgP2sSAmAnJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NDk2NDAwNTI4MzYzMjTIAQmpAhFH6ZDxZrI-qAMBqgToAU_QjlI0yEVYbOB0FrYqXNq8eEMU58JGBGcWs-YC0LXhmNrdv16mc8gM0PptNJ-5RUTfEPDS8Ys5CbrNL2I3yNB7_eOLL2RPMAN2QCnHjo5T1GHKBISZAEZ0bZ8xraeiYzIPtbLrTxoqW3scT6aRW-5OgfIpFgQW39CfCuoKIDMf0koH9U_zBUJb1DrWwidmU4o9PgpQJ_31Q7_9Z1BSzXXCrs2aKW7bjV8VgluHURNy9i_LSL5Os8YrW7ieNJsBm2DwOK2ChKDj8RKUNnCUc2ee-qMlNQmLmzPSGcBDS1BiSDA6g1o6jfuABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5NDk2NDAwNTI4MzYzMjQYAA&sigh=xP4QKmlbjpg&uach_m=[UACH]&cid=CAQSGwBygQiD0fvqFBEYLuAMQr-YzaAmxsA3y4eOzhgB

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Apr 2023 11:36:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Apr 2023 11:36:02 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame BC3A 0
0 56ms
14ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAARzSDLoHTXogQIdI_ZNkffoJvM3Zcn4EAABIAAAoKQVFVQkFRRUJBUQ&wp=ZD_SIQANvo4JHUMOAAAiWtpez0z6M7MKzFpBMQ

Requested by

Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 126317
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8478 183 KB
55 KB 149ms
93ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZD_SIQANvo4JHUMOAAAiWtpez0z6M7MKzFpBMQ&u=%7C775fAfJMwZTFh3Paiy799Mh1yl%2FoicnjPZGDPZYIhEY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qThvn7Ai3s4nNMfTzEVAkD9Q4M_K1CnPg_F3CouNxzPhPXxSHxiN6aZETKfGXVrHP-C8FtAXjiRsokCfOpQV7lOQE4J2dQea7mQ5ODllXGCBdwJH4LMEn3EFzl2WHtZkZROwZNFW-YqK5f7lgJ4nMxrtLsKUE5raAQhizowmw3Vzm8unDn9yXibVc1NTFjvTEDUlR2qDYZsvybDJREFxE9Otns6BgioX6Ox3yyOaEpOeb7G6BYn7-nyBL4t4d7bFqZGxHKZHCbP4eC1lkYzeZhOoy--cly7CCuLi5EDMP8baj-qmfWVEskTpUqg_eBIBZ6y0NwQNpngvjbNLyZP0vyBEySQhpf5Tpl21UQ02TB77xKoiwIjN079tgyn0wi5jQAfn-fqWEHt7K49rKDScAevvdp531maaAD-h4YJttVEq3oTyXgTOBnWFbDznugXTCA-sNjAIaMKf1hqPBahChQnDuTlqIyfi3tgDPoZuyXris3zo-2CR69PU2unGy1x4YHHzS94A4k-CjsTjphRXFIS&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDYsCIdI_ZI79No6G9fgP2sSAmAnJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NDk2NDAwNTI4MzYzMjTIAQmpAhFH6ZDxZrI-qAMBqgTrAU_QjlI0yEVYbOB0FrYqXNq8eEMU58JGBGcWs-YC0LXhmNrdv16mc8gM0PptNJ-5RUTfEPDS8Ys5CbrNL2I3yNB7_eOLL2RPMAN2QCnHjo5T1GHKBISZAEZ0bZ8xraeiYzIPtbLrTxoqW3scT6aRW-5OgfIpFgQW39CfCuoKIDMf0koH9U_zBUJb1DrWwidmU4o9PgpQJ_31Q7_9Z1BSzXXCrs2aKW7bjV8VgluHURNy9i_LSL5Os8YrW7ieNJsBm2Dweq-jFidsbQErqmQ3o1o4AqoxP7-BtStQrQh-7aLdVhwiBvC-nkTb6xOABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3brLoHUt63Vh-t1F90yf2MrK_eaw%26client%3Dca-pub-5949640052836324%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0d49779c18ebd3f8fd3bdcd0875328c20ed48b45d0724343fede4b7a435539d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 11:36:02 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AkArbR3U8rZQCYNkfZtuUkQYlJ7RNl2jGPxI6pcQ479KLNN6cO-K567Ibjj89H9gvihT3c-DRjs7KoOeNHVeBhb3jrFr7JfeafuZm31Upu4rThAwBnKv9D95B3bwKegIp_t5tcdqCqvyuyqKUJcLFiLybdNAb3fe-WpScASJgleOkwwbGoCKd5Vkcv5LPKWvxWobdDfgyKxnxICxw5ijId93jY-L2BuaLhV-4dQV02xEKkR4UMvufkiqjAQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 68664965
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame BC3A 3 KB
1 KB 135ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 21:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 21:46:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame BC3A 20 KB
9 KB 130ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 05:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 05:14:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC3A 159 KB
49 KB 67ms
51ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49673
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681775021301287"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:36:02 GMT

GET
DATA 200
OK truncated
/ Frame BC3A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc755790efd5c9836d68e3424e43a331a94e78b9097403d14fe94bfd9421c13a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8478 2 KB
1 KB 58ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZD_SIQANvo4JHUMOAAAiWtpez0z6M7MKzFpBMQ&u=%7C775fAfJMwZTFh3Paiy799Mh1yl%2FoicnjPZGDPZYIhEY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qThvn7Ai3s4nNMfTzEVAkD9Q4M_K1CnPg_F3CouNxzPhPXxSHxiN6aZETKfGXVrHP-C8FtAXjiRsokCfOpQV7lOQE4J2dQea7mQ5ODllXGCBdwJH4LMEn3EFzl2WHtZkZROwZNFW-YqK5f7lgJ4nMxrtLsKUE5raAQhizowmw3Vzm8unDn9yXibVc1NTFjvTEDUlR2qDYZsvybDJREFxE9Otns6BgioX6Ox3yyOaEpOeb7G6BYn7-nyBL4t4d7bFqZGxHKZHCbP4eC1lkYzeZhOoy--cly7CCuLi5EDMP8baj-qmfWVEskTpUqg_eBIBZ6y0NwQNpngvjbNLyZP0vyBEySQhpf5Tpl21UQ02TB77xKoiwIjN079tgyn0wi5jQAfn-fqWEHt7K49rKDScAevvdp531maaAD-h4YJttVEq3oTyXgTOBnWFbDznugXTCA-sNjAIaMKf1hqPBahChQnDuTlqIyfi3tgDPoZuyXris3zo-2CR69PU2unGy1x4YHHzS94A4k-CjsTjphRXFIS&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDYsCIdI_ZI79No6G9fgP2sSAmAnJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NDk2NDAwNTI4MzYzMjTIAQmpAhFH6ZDxZrI-qAMBqgTrAU_QjlI0yEVYbOB0FrYqXNq8eEMU58JGBGcWs-YC0LXhmNrdv16mc8gM0PptNJ-5RUTfEPDS8Ys5CbrNL2I3yNB7_eOLL2RPMAN2QCnHjo5T1GHKBISZAEZ0bZ8xraeiYzIPtbLrTxoqW3scT6aRW-5OgfIpFgQW39CfCuoKIDMf0koH9U_zBUJb1DrWwidmU4o9PgpQJ_31Q7_9Z1BSzXXCrs2aKW7bjV8VgluHURNy9i_LSL5Os8YrW7ieNJsBm2Dweq-jFidsbQErqmQ3o1o4AqoxP7-BtStQrQh-7aLdVhwiBvC-nkTb6xOABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3brLoHUt63Vh-t1F90yf2MrK_eaw%26client%3Dca-pub-5949640052836324%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8478 2 KB
1 KB 58ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8478 308 B
636 B 55ms
21ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8478 293 B
621 B 54ms
20ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 8478 43 B
348 B 64ms
18ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=kZfeMXsnO68UYrYiDu2RaQt1qcwTd-n-4EP3o1i44BQrIXP4GFsJUVTeOgHpnVhqk4iXUn74auh2WRuapcXzdgmd2g3u9o2yOJ5-B0ESZHQmGBsJBaJxTJDWRlMQ1m1RfJR-iHJVa7QDlJ-Qq94NYY_FFqyzJT116bc51qMNS4J1NS6mL71lqCc0T8Z16gyHLilXaPFN9OheFMAqNYDGOhaqtQlakatftahQstjMWiEmqhXyFjGhZjU-OKQBRgWO_BqFhGEAsZ9VIHtjUxCTMzZNLSbzJMOcxmQ27j3hV9qB7lO67w_wfQxFkHq611nocMOmtaf-5oF5iT6gWQXHp913S_H5XXuP1TKPd8EPilAcUnNGPQn8vtVEs5Yo83-7BdBUmF9e-JIHTzOxzrAzj17ajpvl9q2EWfL0HvkArUFfqUDC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1574173
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8478 12 KB
5 KB 53ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 491292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NTvFdITiKoSkOzIJ2IFVEu6kQ9YMGPK%2BHopPSEAgzVufinJVMk3qBcEGrUFfQbyN19OxCqaWFM7KeRZuQxOx8BWgKplKUXVmgI3iyG%2FfSi%2F3nbTH2ncceUy2ubpF%2B5SLRBqnmcFjWxuU4o5moLB0r0E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ba4d8f93d852be4-FRA
expires: Mon, 08 Apr 2024 11:36:02 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8478 12 KB
6 KB 44ms
19ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 8478 46 KB
46 KB 63ms
31ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 8478 38 KB
38 KB 83ms
50ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 3 KB
4 KB 64ms
14ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F9764%2F230413%2Fb8a0d8b433a241a9a4040de9c279f11d_logo_n_horizontal_4.png&v=3&w=196&s=GKGx5eO0rlvOBQBRdurVAZFU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c239f25cc0dd9c52307c39af6ff09742b27dc765f8e5693c1bf70b42462fa5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3486
expires: Sun, 07 Apr 2024 13:28:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 22 KB
22 KB 77ms
27ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1610625481%2F21006829-MGonjyUc.jpg&v=3&w=800&s=QPtDS3uIUZZCqiFlPZ7qKl0V&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1da40a6c62203202ea5b3473a5d95c95b2d26667e3f096e6680ed99517626b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22172
expires: Thu, 20 Apr 2023 21:33:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 361 B
551 B 65ms
15ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=UdxTIBiHmbzzj32H5IqUoDr0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 361
expires: Sat, 30 Mar 2024 08:48:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 13 KB
13 KB 88ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1550221296%2F18248383-LYD7xIVt.jpg&v=3&w=800&s=sEThqZL5mMkxtfsloH2EnQ30&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

71b7385da88429fe481307698d5a1c7f35bde3b48dc53a95f1e9382f583603c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 12950
expires: Fri, 21 Apr 2023 07:05:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 11 KB
11 KB 82ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21061501-Cwa5WTPE.jpg&v=3&w=800&s=hZWuODQ-mZklGCN5BoGPiGVW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9c35f53c887fd9af285dca6e99881e7f57dc0da8d226a282cf462c0349e4dc98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 11350
expires: Wed, 19 Apr 2023 21:35:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 311 B
501 B 83ms
34ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=7OlY7s66zaSgj4dhz0H6nsSx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ffbbdb917a08d399b7e075624930914a8a0674155a41acb42a135fa70efb5745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 311
expires: Sat, 30 Mar 2024 08:48:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 9 KB
9 KB 42ms
42ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1541573180%2F18316508-Fn21UoMR.jpg&v=3&w=800&s=co6OEhde-eK9UjDvCdJMNJ2Z&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42de4c706cb11215305adaef950fcc4d1f99bc15b7a40db694279ed9ca2928c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8736
expires: Thu, 20 Apr 2023 16:17:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 22 KB
22 KB 44ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1594983169%2F20117059-0kCtbvjw.jpg&v=3&w=800&s=BQWHN832cg-M-1ASjWx7tafW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

830bde98f84de1d3b00b26c1267f5b16cd3b868e05b198336453c2967cd88542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22384
expires: Thu, 20 Apr 2023 16:08:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 14 KB
15 KB 31ms
31ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1675803603%2F23015100-OMzofw2b.jpg&v=3&w=800&s=Q1LW2COSaklXJg-v82WKkY2O&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

363f0d9b7b2d636387468c551dae759b648af11e87267e7ae07621c5e19eb6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 14780
expires: Fri, 21 Apr 2023 11:55:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 8 KB
8 KB 28ms
27ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17274531-2W1ANuZK.jpg&v=3&w=800&s=26qRO2LJ_qAIGSqdSEzcTjfc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e1f7427362df024745fd40242d4aff4fd579b8be37d94509a806494c117358b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8240
expires: Mon, 24 Apr 2023 18:36:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 13 KB
13 KB 27ms
26ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23020955-bGSXDLsG.jpg&v=3&w=800&s=qy-hA-4zc7RbOJ04VE-dncgw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cc360f79b59cf7aa3d67eb037905aa173433334802764ab1025bff78aef1fcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13070
expires: Sat, 22 Apr 2023 13:32:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 10 KB
10 KB 41ms
41ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23019507-ISebh04n.jpg&v=3&w=800&s=WKOOuglfUEcy7PUDO_vm4VRy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

04ab3a7cacc0abe55fab532aee5f5cbe3dba52f86835d34b5ad1677a17fa79c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10190
expires: Fri, 21 Apr 2023 10:00:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8478 59 KB
59 KB 35ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F9764%2F230413%2F242cee3bd67c48b3b7d4eeb5606437f9_img_horizontal_1.jpg&v=3&w=1200&s=_jV_s3moCNkInciu2fKP0kCN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a6aa3fc50401f434cb70bf68c36f865b6eb8947cc7681e4840da98e13aab1f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 60640
expires: Sun, 07 Apr 2024 13:29:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8478 0
128 B 66ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=AkArbR3U8rZQCYNkfZtuUkQYlJ7RNl2jGPxI6pcQ479KLNN6cO-K567Ibjj89H9gvihT3c-DRjs7KoOeNHVeBhb3jrFr7JfeafuZm31Upu4rThAwBnKv9D95B3bwKegIp_t5tcdqCqvyuyqKUJcLFiLybdNAb3fe-WpScASJgleOkwwbGoCKd5Vkcv5LPKWvxWobdDfgyKxnxICxw5ijId93jY-L2BuaLhV-4dQV02xEKkR4UMvufkiqjAQ&sds=2&rev=85712&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8478 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8478 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 53ms
52ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=otodiva.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 53ms
52ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=otodiva.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5875 27 KB
12 KB 212ms
212ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=90&slotname=2863858251&adk=2398503812&adf=1183505835&pi=t.ma~as.2863858251&w=728&lmt=1681904162&format=728x90&url=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681904162953&bpp=2&bdt=2989&idt=2&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba9d1d706eb74bb0-22fbdd2e9fdd0005%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MZCtg48KIieZivJeOJmgS1rWPGVsA&gpic=UID%3D00000bd82b6da175%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MYBiT-n50zk-cvrrEm2XFJNC8Rx9w&prev_fmts=0x0%2C1005x124&nras=2&correlator=8669149600763&frm=20&pv=1&ga_vid=493008130.1681904162&ga_sid=1681904162&ga_hid=1645194008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C44759837%2C44759875%2C44759926%2C42532185&oid=2&psts=AHQMDFeIBO6NtcrPVW5HCN-KLZOWQHZ4wrj7nFqv1xWCFZBeJyKCfl-JVEIxjv5pKBI-zbSuALPcL2S2FkecRXLNfq7FaufU9I1tdnPUres&pvsid=1222634675579513&tmod=635692072&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0EGeRu6X4Q&p=https%3A//otodiva.com&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb6910ad21e44d1e420c6c3523f0d7d99fce21ac1a2f0380d2904230c0e2ba7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 11:36:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 177ms
96ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230413&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8acb3ebece5084734309f26390b7569fd1e29fae4d3ba17d5db546ffdd96d0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0

GET
H3 200 1.jpg
otodiva.com/wp-content/uploads/2019/11/ 74 KB
0 1279ms
1276ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://otodiva.com/wp-content/uploads/2019/11/1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e39f152f8116a53dcdb917dbd0d6ffaea88999842e7cbf87edc487a8cd28f105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75586
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:25 GMT
server: cloudflare
etag: "620e1665-12742"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA01q4Cdog8%2FaYkkS2ByrfX7MYMV1eV0eHRr8VKuHhxfaLUajnav%2B4nZgbbHHA%2BypaGhUGdUox2kL8C8bg9gR0iX4J6XM6joPy6RRbUb2PFXVchhr0CgmpjsggzQsTRdjBz5Fq%2Fqynq7UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8f0aa65373e-FRA
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H3 200 1.jpg
otodiva.com/wp-content/uploads/2019/11/ 74 KB
0 1279ms
1276ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://otodiva.com/wp-content/uploads/2019/11/1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e39f152f8116a53dcdb917dbd0d6ffaea88999842e7cbf87edc487a8cd28f105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer

Response headers

date: Wed, 19 Apr 2023 11:36:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75586
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:25 GMT
server: cloudflare
etag: "620e1665-12742"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA01q4Cdog8%2FaYkkS2ByrfX7MYMV1eV0eHRr8VKuHhxfaLUajnav%2B4nZgbbHHA%2BypaGhUGdUox2kL8C8bg9gR0iX4J6XM6joPy6RRbUb2PFXVchhr0CgmpjsggzQsTRdjBz5Fq%2Fqynq7UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8f0aa65373e-FRA
expires: Sat, 13 Apr 2024 11:36:02 GMT

GET
H3 200 Peluncuran-e-Bike-ebagai-salah-satu-komitmen-Blibli-dalam-membangun-bisnis-yang-berkelanjutan-218x150.jpg
otodiva.com/wp-content/uploads/2022/07/ 9 KB
9 KB 791ms
791ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/07/Peluncuran-e-Bike-ebagai-salah-satu-komitmen-Blibli-dalam-membangun-bisnis-yang-berkelanjutan-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c2cada4aef44330a9ec7431a59681fa7adc1039a5cb7c4cf53440f9c03e94aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8844
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Jul 2022 03:28:31 GMT
server: cloudflare
etag: "62db6adf-228c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOlnyMlSH9ydmyMQkgXzN6Rn6XM0Hl%2FuG9wcapTmqHgIC90hkUlhKjsGgTSB6je%2Bv0wrClDmfhofi9twqiw%2FFuL6XUkePvp98KAdxrX7v%2BCozuugsVbTKi%2FdwRMNIRp3eF%2FvvgXMWMEB%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8faaf8b373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 awal-218x150.jpg
otodiva.com/wp-content/uploads/2022/05/ 10 KB
11 KB 1020ms
1020ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/awal-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e434d92d534c2af35ba2838f1809e35052b15e4a06cc516c16f86f7910990f8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10708
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-29d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bRUQ5Q7JKqrG2TwurD%2BUhRYhz3%2BguOJ4mak8P%2BGhAu3VbVqFD85k70RBNvnUMTqYaLdTERxgrhC%2BTObQaFZqxODxA9UTPDPH6TDeGaGLSMnp6CQTHaqAPge2AvkjvtlyQWFNpiOAymMZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fadfb8373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 Gogoro-Skuter-218x150.jpg
otodiva.com/wp-content/uploads/2022/05/ 32 KB
33 KB 1032ms
1032ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Gogoro-Skuter-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dfbc11001fe3c07ac5d377e9dfd2f3c33cb5585e72532defabce50109931c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32862
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-805e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX8tzJQrvyJRv6n3JCynAmun6OvKWs6HVsT3Oq4lrD8lU1Vbb8BtGWtASUYcTSsvlcRAJGLJs3sGlBeNjNqtfMx0k0yQ3zJY8oAhjnqxnj6kD3SdG1kaEIqZbsPHSMiMQvFF3ZC0Yyyzcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8faffdd373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 Indikator-Mesin-Motor-218x150.jpg
otodiva.com/wp-content/uploads/2022/05/ 23 KB
23 KB 1028ms
1027ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Indikator-Mesin-Motor-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f207e85c8170f700689fe1a8b77772d2f4213fb220d36938f634432df3890e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23200
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-5aa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BmjJNbOEUmoicZwIQAf884QVB3HfVJxPWHaRiHSahp5VOUoXDWRPzaX8ejO5sJIa7NTe3ATx4EVphOHSck7Z%2BEP7T7N1ftPcnP91V46GNwcrs7CK9n4bD1X6qYJzFrrsqGP0sR%2B6l4JjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fb080c373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 Tips-Beli-Motor-Bekas-218x150.jpg
otodiva.com/wp-content/uploads/2022/05/ 7 KB
8 KB 281ms
281ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Tips-Beli-Motor-Bekas-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fc5e4d2ec8e703db912ea1834a035b96961ffa0c8bc3aa6d4b68e0c7fd12ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7236
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-1c44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWyP3AVybjEyOcMJdIaJsdMOPpyX2Xfa0fNKRpk%2F73TPDRV29crWOQn7Rf7R6%2BN0%2B0rV1exQDQK3VSAeZPo9PM6miLqyXmbzdoBXD%2F0RCITDGXlXkFVYsUmH3z2oRfzJEeCk05Yi9mfxAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fb2825373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 JAGUAR-INDONESIA-Re-Charge_Ki-Ka_Bhavin-Zavery-Amey-Tingare-James-Barclay-Gerry-C.-Kertowidjojo-Sam-Bird-Mitch-Evans-Irvino-Edwardly-Susilo-Darmawan-218x150.jpg
otodiva.com/wp-content/uploads/2022/06/ 11 KB
12 KB 1005ms
1005ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/06/JAGUAR-INDONESIA-Re-Charge_Ki-Ka_Bhavin-Zavery-Amey-Tingare-James-Barclay-Gerry-C.-Kertowidjojo-Sam-Bird-Mitch-Evans-Irvino-Edwardly-Susilo-Darmawan-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69b6c5964112ce4e8e53110896582831b5f8aace102ed20a1791958ecb19a624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11465
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Jun 2022 21:36:13 GMT
server: cloudflare
etag: "62992d4d-2cc9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vx41e5Ff%2FNvihhaF7zffU96X9VE2YUlAklYUcvXHP2Q255HZhSslx7LWY20fKYMT59oH%2FkV%2BvZTrFYF4dfBGQCotgDegmVs1G%2FKN6x0sHLkv8u7cBlPanejkaUeVAYp%2BlQb5tYZJJekCnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fb4849373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 BTS-XL-Axiata_3-1-218x150.jpg
otodiva.com/wp-content/uploads/2022/06/ 13 KB
14 KB 1013ms
1012ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/06/BTS-XL-Axiata_3-1-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817d80040eab94290d414cc4ecc347559b00bf76ebddd34776e50cb7199ee933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13468
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Jun 2022 21:36:13 GMT
server: cloudflare
etag: "62992d4d-349c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaTXbWfHWIq4pQZ2clvIBj%2FaOJVCdC0f%2F1y6WTjbNzKsfhHdRXvafVnAfmhZOjz6mZkD34YTvAIF4XUQxWg2qn8%2By7E2Adrjwx94yR19SQp29H1e%2Bw80OFMAph3lN9oURIzHJhDtX%2FHefw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fb686a373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 Penyebab-munculnya-kerak-karbon-pada-mesin-218x150.jpeg
otodiva.com/wp-content/uploads/2022/05/ 9 KB
10 KB 262ms
262ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Penyebab-munculnya-kerak-karbon-pada-mesin-218x150.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33957b9ce68e37d05b5930c7ed96d40b4a3da4630f861d5416017de17a9b5f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9653
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-25b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpL4LZTdwARV8dPm3jBJxIOn7iRh26pKQU3dr%2Fu4DIP3RrAtEmZg8cD0EjBaW0C0hx2KpwdfcXCopoqF0h1NIZvsLq8LaxvMeXcDIrYLK10%2B3R6Kwsqygk5VK8GmacspRfzBDvL3woR5hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fb7898373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 Keramik-Busi-Retak-218x150.jpeg
otodiva.com/wp-content/uploads/2022/05/ 8 KB
9 KB 285ms
285ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Keramik-Busi-Retak-218x150.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5bc429ca7f9d0ec4b8456528da09a550e2603707eacfaa93f6f2fa57eebe376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8226
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-2022"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq65GQ%2BgdkNJKs4sa8k1JDOqnasfoOsa6VSAKXT%2FtNbHZjxHYXNBL5Ep0mETMxiEGQ%2B3wlwdgi4jpTCV80F5TR37iivQwgyVsutkbuUXce4Y%2FyaPeKScEi6FH1xJlH6Mjrh4fe%2BRI37Wxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fb98c0373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 11:36:03 GMT

GET
H3 200 Kopling-Mobil-218x150.jpg
otodiva.com/wp-content/uploads/2022/05/ 22 KB
22 KB 1013ms
1013ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Kopling-Mobil-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01608d0d09b86704d6c31e69cae838a2c78b018d52598e27ec04e1e1eb8a6962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22115
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-5663"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auaJbcXf75ZwBsLjNN20AnzuL6rObPUAqE07esPo1XGdTcmjqKANb88QMNj7zou3E2vhQJqIoeb7WDEuqgmOdTgD7E3JaC0BW7NrT470iRojFuA04ilXTTdEGuGFZSwJ8b28Wa%2FP0p4tAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fbb8df373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 viral-emak-emak-masukkan-motor-ke-igd-rumah-sakit-1_11-218x150.jpeg
otodiva.com/wp-content/uploads/2021/08/ 7 KB
8 KB 790ms
789ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2021/08/viral-emak-emak-masukkan-motor-ke-igd-rumah-sakit-1_11-218x150.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f160fccb80792ceb1964410646f9d01f5dec118a16f48246bce0b3811991e931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7449
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:24 GMT
server: cloudflare
etag: "620e1664-1d19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBoHx67sr0yH0vt7MelGOgeMHIVuXTulfWfvoPRvlK4BGXv3kViXcr4niF9WwZZoPuBY1sBtua1FxOreWafjJlHLCqE4ABzbr3sztDLBquydPiKGQ26qbKeLhRKAc8nbyBzm4hZVvRX9lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fbc907373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5875 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=90&slotname=2863858251&adk=2398503812&adf=1183505835&pi=t.ma~as.2863858251&w=728&lmt=1681904162&format=728x90&url=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681904162953&bpp=2&bdt=2989&idt=2&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba9d1d706eb74bb0-22fbdd2e9fdd0005%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MZCtg48KIieZivJeOJmgS1rWPGVsA&gpic=UID%3D00000bd82b6da175%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MYBiT-n50zk-cvrrEm2XFJNC8Rx9w&prev_fmts=0x0%2C1005x124&nras=2&correlator=8669149600763&frm=20&pv=1&ga_vid=493008130.1681904162&ga_sid=1681904162&ga_hid=1645194008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C44759837%2C44759875%2C44759926%2C42532185&oid=2&psts=AHQMDFeIBO6NtcrPVW5HCN-KLZOWQHZ4wrj7nFqv1xWCFZBeJyKCfl-JVEIxjv5pKBI-zbSuALPcL2S2FkecRXLNfq7FaufU9I1tdnPUres&pvsid=1222634675579513&tmod=635692072&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0EGeRu6X4Q&p=https%3A//otodiva.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 21:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 21:46:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5875 20 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 05:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 05:14:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5875 0
0 45ms
44ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7rN7B5c-aXELhtlOx-ifT7NOKTkdCIc2Ppdq_D8BMDmqYLPTddBZNehTV5be8vp_LNNpbsZuWkABfTWn3zZCrov382Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=90&slotname=2863858251&adk=2398503812&adf=1183505835&pi=t.ma~as.2863858251&w=728&lmt=1681904162&format=728x90&url=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681904162953&bpp=2&bdt=2989&idt=2&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba9d1d706eb74bb0-22fbdd2e9fdd0005%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MZCtg48KIieZivJeOJmgS1rWPGVsA&gpic=UID%3D00000bd82b6da175%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MYBiT-n50zk-cvrrEm2XFJNC8Rx9w&prev_fmts=0x0%2C1005x124&nras=2&correlator=8669149600763&frm=20&pv=1&ga_vid=493008130.1681904162&ga_sid=1681904162&ga_hid=1645194008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C44759837%2C44759875%2C44759926%2C42532185&oid=2&psts=AHQMDFeIBO6NtcrPVW5HCN-KLZOWQHZ4wrj7nFqv1xWCFZBeJyKCfl-JVEIxjv5pKBI-zbSuALPcL2S2FkecRXLNfq7FaufU9I1tdnPUres&pvsid=1222634675579513&tmod=635692072&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0EGeRu6X4Q&p=https%3A//otodiva.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5875 159 KB
49 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49673
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681775021301287"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 11:36:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5875 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl_7NItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE5gFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303zcdG7hrhXoSkhYZvvb2My3f9X_12Nluc_99mE_KghUBdTwWFnC5IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk0OTY0MDA1MjgzNjMyNBgA&sigh=s37ISVWEy8c&uach_m=[UACH]&cid=CAQSPABygQiDNWiEPUF57mcP2FgBJsYj-H6vtxu9vee307cWgY0ZjMm0uv1_JFK-_Q2Cntap4rAWThsGm-KC2RgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=90&slotname=2863858251&adk=2398503812&adf=1183505835&pi=t.ma~as.2863858251&w=728&lmt=1681904162&format=728x90&url=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681904162953&bpp=2&bdt=2989&idt=2&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba9d1d706eb74bb0-22fbdd2e9fdd0005%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MZCtg48KIieZivJeOJmgS1rWPGVsA&gpic=UID%3D00000bd82b6da175%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MYBiT-n50zk-cvrrEm2XFJNC8Rx9w&prev_fmts=0x0%2C1005x124&nras=2&correlator=8669149600763&frm=20&pv=1&ga_vid=493008130.1681904162&ga_sid=1681904162&ga_hid=1645194008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C44759837%2C44759875%2C44759926%2C42532185&oid=2&psts=AHQMDFeIBO6NtcrPVW5HCN-KLZOWQHZ4wrj7nFqv1xWCFZBeJyKCfl-JVEIxjv5pKBI-zbSuALPcL2S2FkecRXLNfq7FaufU9I1tdnPUres&pvsid=1222634675579513&tmod=635692072&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0EGeRu6X4Q&p=https%3A//otodiva.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Apr 2023 11:36:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5875 0
0 64ms
23ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kbmf3zvjk407v53wb5aptgc29a1vame316ttcrztvc8krn4m3f4w61w0sf5tewf2k1hv2fmbn8r2sx8q17swmtavr3xbyk10mjztky187bcb5zh411k08z178frdvar5kay7ct7v2q8gr2dxydqm6qdtjtn5cnbkg4ah9pj59ta17qvfr7h8a9krzjt6v9expxba4hx2psk5y2kgt7m1z9n3w8pxqg2qa5mfreqn0v4hyk3t062gqxjtea8jn927sxbhnda5tyc28mn9ej935sfsvmcrf79tgpvdh5v1pqv4bzyr35dynpe7sv68dyrr3sa3z4wasrqtvr8qj9ydgnrs61kf2gh49nvezef7xzcn24sbhpz5fdbd6p8361d88kpfcy68bcwzy8&b=ZD_SIgAPFaUJHUctAAWfshaoeB6NPT2CynWygA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=90&slotname=2863858251&adk=2398503812&adf=1183505835&pi=t.ma~as.2863858251&w=728&lmt=1681904162&format=728x90&url=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681904162953&bpp=2&bdt=2989&idt=2&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba9d1d706eb74bb0-22fbdd2e9fdd0005%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MZCtg48KIieZivJeOJmgS1rWPGVsA&gpic=UID%3D00000bd82b6da175%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MYBiT-n50zk-cvrrEm2XFJNC8Rx9w&prev_fmts=0x0%2C1005x124&nras=2&correlator=8669149600763&frm=20&pv=1&ga_vid=493008130.1681904162&ga_sid=1681904162&ga_hid=1645194008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C44759837%2C44759875%2C44759926%2C42532185&oid=2&psts=AHQMDFeIBO6NtcrPVW5HCN-KLZOWQHZ4wrj7nFqv1xWCFZBeJyKCfl-JVEIxjv5pKBI-zbSuALPcL2S2FkecRXLNfq7FaufU9I1tdnPUres&pvsid=1222634675579513&tmod=635692072&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0EGeRu6X4Q&p=https%3A//otodiva.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 19 Apr 2023 11:36:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame AB49 2 KB
3 KB 61ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jpyxp762gbftcmqnqd8g821q0r2kyfj1tb4wkex4e3metwzn6bvnvj1s1bba6wvgktn9kg6wg16mr66kz2d96ajbdyc1fqt6z0r21gp14t30jan6p6y9bcqkye77v2z7s4dknhqsz847gktq9ns9mks9ykf6tk5xvm6r0jdryght9gdfjb3pyej4sawtecqw7tj9nj3r78k34vcv03sem94zqgm07345dav4bbtqqcaprbabvc45xdqg185zt12e4f2xynhbfys5rqdc9jkebjyqxzmb69nw162hk56j125s6aaz4bxvf7f1gnzy79jxzk2wmkzbcwac1f3v6wc2e6dsecmw6thpbws28hdsqdfbkb18hrcjg7qsb0a9yjaja685nvdh90vycc00venawd453hk1nkm8pb2xnw1scay9bncyfrsk5mmevfdnd5gpsb58za8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%26client%3Dca-pub-5949640052836324%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eedd07643ced2ab37bedd26d36d5ceaab0a2aa13f868fc4d67287d52368c9578

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ba4d8fc1a0d8fd0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 11:36:03 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C70 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 11:06:46 GMT
etag: 48472445140208031
expires: Thu, 20 Apr 2023 11:06:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 old-1283201_1280.jpg
otodiva.com/wp-content/uploads/2019/12/ 59 KB
60 KB 1304ms
1303ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2019/12/old-1283201_1280.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c863cdd62f08d0ce87a9b38e66a98ad4335b7f980b3f61e22b9e1958285a5431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60764
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:25 GMT
server: cloudflare
etag: "620e1665-ed5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8L9Xm1IXxWtMtN4qx0lZBspGAFzXYL%2F%2FbXO34xTzsBqdMbuhKDrc5a0lqtvWQ2UKwaItU3YxWrXTSuaWEE%2BYnTkGUT0JH9KPy1ie6LcOyGeCLjtROlsrtTB9CEWRcFXoGOTzuJE4od5xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fbe92c373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B05 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 08:50:08 GMT
expires: Thu, 18 Apr 2024 08:50:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED0E 783 B
969 B 48ms
47ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

182e0738c8087e74049a16fda5d2fcc0a841f13b6ac8da3b909151ea4639372f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4dNi9nDNXTeUab8s25gMGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://otodiva.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-4dNi9nDNXTeUab8s25gMGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 11:36:03 GMT
expires: Wed, 19 Apr 2023 11:36:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 petrol-996617_1280.jpg
otodiva.com/wp-content/uploads/2019/12/ 34 KB
35 KB 1070ms
1070ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2019/12/petrol-996617_1280.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed56f55a3172715bbbf8763b0750fd37b8de0596526a1fc347c540d99f8835ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34890
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:25 GMT
server: cloudflare
etag: "620e1665-884a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULv31SNv28u6jaD0w2vOSNwF1uTBXsRwx1NBzfl5YXed6wXaRlCejXI%2FByIZLTjS9LhgRol64Sjfx7aFpCX%2FoHbYi4lEhNO0QZGDrsu67OGbdUusl6qWy8uZYykviCx6up3AZb5Pv1dNEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fc094a373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 Honda-Brio-Virtual-Modification-218x150.jpg
otodiva.com/wp-content/uploads/2022/05/ 11 KB
12 KB 999ms
998ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Honda-Brio-Virtual-Modification-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39594554ce584228b1113f19d2ee73099de4691de165ab1be148946b5e4c496d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11722
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-2dca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqtouDGYditvMlJZb90cZxYXLY6ezbnv%2BngxptOZy%2FJ8zZWthvbCDcUZH5bsUtTAD8i%2B95OmJzg%2B3VAYFiD0ykFpAwNTZOzqiHebj%2BoA8maBB1UqEYYv4E%2FAnMCbRvGlvJat5LD4mzvMkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fc397c373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
DATA 200
OK truncated
/ Frame 5875 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c19f7515c0e6872457bcc2c4cc58f95aa6e968891d65d21dffd321bb2fda7574

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C70
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELyPPcc_1X_dwIjzPs_Gs6g&google_push=Aer7DvJN8R3yxBJQJcmNQtcjw4eyihbp-bByIoA53CTJ38q_J12j6IxIt1...

170 B
232 B

51ms
49ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELyPPcc_1X_dwIjzPs_Gs6g&google_push=Aer7DvJN8R3yxBJQJcmNQtcjw4eyihbp-bByIoA53CTJ38q_J12j6IxIt1oy2Tpq9nMorRx_H1UwBcl2f3fgXEMJrMoh_IXjt-p4Vpw

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230113-FRA
pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681904163.299365,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELyPPcc_1X_dwIjzPs_Gs6g&google_push=Aer7DvJN8R3yxBJQJcmNQtcjw4eyihbp-bByIoA53CTJ38q_J12j6IxIt1oy2Tpq9nMorRx_H1UwBcl2f3fgXEMJrMoh_IXjt-p4Vpw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1C70 70 B
265 B 107ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELUJumqNKWRX7NdNbEvmisM&google_cver=1&google_push=Aer7DvLVvNGTEGkTKzv0x39KT5lH5mOoZHK_qyfMtSscPEpWh2jTe-PRFi0QXt9HhaB4yiBYpzzY9ZtKOk26mnWdl4KDgqGROntXCV4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=90&slotname=2863858251&adk=2398503812&adf=1183505835&pi=t.ma~as.2863858251&w=728&lmt=1681904162&format=728x90&url=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681904162953&bpp=2&bdt=2989&idt=2&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba9d1d706eb74bb0-22fbdd2e9fdd0005%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MZCtg48KIieZivJeOJmgS1rWPGVsA&gpic=UID%3D00000bd82b6da175%3AT%3D1681904161%3ART%3D1681904161%3AS%3DALNI_MYBiT-n50zk-cvrrEm2XFJNC8Rx9w&prev_fmts=0x0%2C1005x124&nras=2&correlator=8669149600763&frm=20&pv=1&ga_vid=493008130.1681904162&ga_sid=1681904162&ga_hid=1645194008&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532089%2C44759837%2C44759875%2C44759926%2C42532185&oid=2&psts=AHQMDFeIBO6NtcrPVW5HCN-KLZOWQHZ4wrj7nFqv1xWCFZBeJyKCfl-JVEIxjv5pKBI-zbSuALPcL2S2FkecRXLNfq7FaufU9I1tdnPUres&pvsid=1222634675579513&tmod=635692072&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0EGeRu6X4Q&p=https%3A//otodiva.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C70
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI3kQCbK0e-xZU8OtdpHGhE&google_cver=1&google_push=Aer7DvLgnaUP69dVOSWA4F6lKthW7GvLfMQW0OM9XsyL61XhOHAR0jxHvO7xHv57X8hW6Uv_gwdOb2XC68fd8tFzC3GdkIq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLgnaUP69dVOSWA4F6lKthW7GvLfMQW0OM9XsyL61XhOHAR0jxHvO7xHv57X8hW6Uv_gwdOb2XC68fd8tFzC3GdkIqBYZ8fr4U&google_hm=eS1fU0dLZkJSRTJwR2N...

170 B
232 B

50ms
50ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLgnaUP69dVOSWA4F6lKthW7GvLfMQW0OM9XsyL61XhOHAR0jxHvO7xHv57X8hW6Uv_gwdOb2XC68fd8tFzC3GdkIqBYZ8fr4U&google_hm=eS1fU0dLZkJSRTJwR2N6eklJSThsYkI0NkZwUFdsOU5UUH5B

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Apr 2023 11:36:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLgnaUP69dVOSWA4F6lKthW7GvLfMQW0OM9XsyL61XhOHAR0jxHvO7xHv57X8hW6Uv_gwdOb2XC68fd8tFzC3GdkIqBYZ8fr4U&google_hm=eS1fU0dLZkJSRTJwR2N6eklJSThsYkI0NkZwUFdsOU5UUH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C70
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA9alINSqepsqwWIDpdwziw&google_cver=1&google_push=Aer7DvK1EtcPAoNBU-Cw5zvgZyiX7CV7rxBqDvL5WRxxqvSY_7FRyyeu-I-qWmNDbHg-2yVb1Y_TMVo5...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA9alINSqepsqwWIDpdwziw&google_cver=1&google_push=Aer7DvK1EtcPAoNBU-Cw5zvgZyiX7CV7rxBqDvL5WRxxqvSY_7FRyyeu-I-qWmNDbHg-2yVb1Y_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0OTMzMDg3ODk5OTkyNTMzNA&google_push=Aer7DvK1EtcPAoNBU-Cw5zvgZyiX7CV7rxBqDvL5WRxxqvSY_7FRyyeu-I-qWmNDbHg-2yVb1Y_TMV...

170 B
232 B

50ms
50ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0OTMzMDg3ODk5OTkyNTMzNA&google_push=Aer7DvK1EtcPAoNBU-Cw5zvgZyiX7CV7rxBqDvL5WRxxqvSY_7FRyyeu-I-qWmNDbHg-2yVb1Y_TMVo5oFleUITfnp80KXq3BhciyQ

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0OTMzMDg3ODk5OTkyNTMzNA&google_push=Aer7DvK1EtcPAoNBU-Cw5zvgZyiX7CV7rxBqDvL5WRxxqvSY_7FRyyeu-I-qWmNDbHg-2yVb1Y_TMVo5oFleUITfnp80KXq3BhciyQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C70
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wjOQF9JAQ_i1aMkUf6LQkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

66ms
50ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wjOQF9JAQ_i1aMkUf6LQkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJQD6AOosweEjubamp9JTAAz0RjA-4rG_hn7O0vrgbdnAImj1-3-IeY78r17mA96jUtDYySeDMsCWhtovDtBjFWafmRrS6WC78

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wjOQF9JAQ_i1aMkUf6LQkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJQD6AOosweEjubamp9JTAAz0RjA-4rG_hn7O0vrgbdnAImj1-3-IeY78r17mA96jUtDYySeDMsCWhtovDtBjFWafmRrS6WC78
date: Wed, 19 Apr 2023 11:36:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C70
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDXEhvgjsWRTSwb3mAQgehY&google_cver=1&google_push=Aer7DvLyPOGsa6zU2Q-qT0TIN2G86SWrORRfNaRDHvlpvuSGcvUAJ6H--ShU_FdN18TDPn2sUsR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdOTUJBM1AtMjItR01MQg==&google_push=Aer7DvLyPOGsa6zU2Q-qT0TIN2G86SWrORRfNaRDHvlpvuSGcvUAJ6H--ShU_FdN18TDPn2sUsROy8NQ9d91vsFWsCtw74X8VYwjMQ

170 B
329 B

82ms
50ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdOTUJBM1AtMjItR01MQg==&google_push=Aer7DvLyPOGsa6zU2Q-qT0TIN2G86SWrORRfNaRDHvlpvuSGcvUAJ6H--ShU_FdN18TDPn2sUsROy8NQ9d91vsFWsCtw74X8VYwjMQ

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdOTUJBM1AtMjItR01MQg==&google_push=Aer7DvLyPOGsa6zU2Q-qT0TIN2G86SWrORRfNaRDHvlpvuSGcvUAJ6H--ShU_FdN18TDPn2sUsROy8NQ9d91vsFWsCtw74X8VYwjMQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 1C70
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEP-6PveuM5ZrAIZ3f60-UEc&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvKWttxwHMxrdihli-_zCvZk-em2l_nbfHYWKd0Vlyw_WuZNoG4hNXhLEvgcbNVjpnb1gKg94h27BsgpWzSe3n9EAq0VWtQAoQ8
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

31ms
31ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Wed, 19 Apr 2023 11:36:03 GMT
pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C70 0
130 B 149ms
48ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBxi-nsBlNfSgVRq4smeu1XK4rWOHtZ4r_J6kPNYvAj5X4vTLZTGWbXKz_869Vtlw7uyDa8w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 5-Aplikasi-Petunjuk-jalan-218x150.jpg
otodiva.com/wp-content/uploads/2022/05/ 9 KB
9 KB 783ms
783ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/5-Aplikasi-Petunjuk-jalan-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

356d3b3c00ed5b44e720b3fb80fb6b314ef7bd48e8266c528ce539c3dd4f0b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8722
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-2212"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7SNekry47MHbp4t5Pbl2EpXdkVZXVbhbmkMu1Q9osyCJRDbtFban8iIVASV2s52nv23U9dN4JR345HcHFbq%2Bt40bV6AjcjSJIOTxMPKWFt1236ZiZnIxMWZDn4Yz%2B94Ub4BRwJL9MNdaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fc599d373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame AB49 94 KB
12 KB 19ms
17ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpyxp762gbftcmqnqd8g821q0r2kyfj1tb4wkex4e3metwzn6bvnvj1s1bba6wvgktn9kg6wg16mr66kz2d96ajbdyc1fqt6z0r21gp14t30jan6p6y9bcqkye77v2z7s4dknhqsz847gktq9ns9mks9ykf6tk5xvm6r0jdryght9gdfjb3pyej4sawtecqw7tj9nj3r78k34vcv03sem94zqgm07345dav4bbtqqcaprbabvc45xdqg185zt12e4f2xynhbfys5rqdc9jkebjyqxzmb69nw162hk56j125s6aaz4bxvf7f1gnzy79jxzk2wmkzbcwac1f3v6wc2e6dsecmw6thpbws28hdsqdfbkb18hrcjg7qsb0a9yjaja685nvdh90vycc00venawd453hk1nkm8pb2xnw1scay9bncyfrsk5mmevfdnd5gpsb58za8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%26client%3Dca-pub-5949640052836324%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jpyxp762gbftcmqnqd8g821q0r2kyfj1tb4wkex4e3metwzn6bvnvj1s1bba6wvgktn9kg6wg16mr66kz2d96ajbdyc1fqt6z0r21gp14t30jan6p6y9bcqkye77v2z7s4dknhqsz847gktq9ns9mks9ykf6tk5xvm6r0jdryght9gdfjb3pyej4sawtecqw7tj9nj3r78k34vcv03sem94zqgm07345dav4bbtqqcaprbabvc45xdqg185zt12e4f2xynhbfys5rqdc9jkebjyqxzmb69nw162hk56j125s6aaz4bxvf7f1gnzy79jxzk2wmkzbcwac1f3v6wc2e6dsecmw6thpbws28hdsqdfbkb18hrcjg7qsb0a9yjaja685nvdh90vycc00venawd453hk1nkm8pb2xnw1scay9bncyfrsk5mmevfdnd5gpsb58za8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%26client%3Dca-pub-5949640052836324%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 693082
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10w0rD%2By9G3AMq%2Fd9NJC%2BkC%2B1glhvhS77mEO46FRIrsRArGSZQBxXa4v11m47d6qsi%2FrQXdQxYtHJChHzgWnKX63Aj36itkOI2WgOs6tcTRORmY%2BGJeXLFIBelyk%2FK0mFd11khOYsRI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7ba4d8fc6a618fd0-FRA
expires: Wed, 19 Apr 2023 12:36:03 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame AB49 25 KB
10 KB 29ms
18ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpyxp762gbftcmqnqd8g821q0r2kyfj1tb4wkex4e3metwzn6bvnvj1s1bba6wvgktn9kg6wg16mr66kz2d96ajbdyc1fqt6z0r21gp14t30jan6p6y9bcqkye77v2z7s4dknhqsz847gktq9ns9mks9ykf6tk5xvm6r0jdryght9gdfjb3pyej4sawtecqw7tj9nj3r78k34vcv03sem94zqgm07345dav4bbtqqcaprbabvc45xdqg185zt12e4f2xynhbfys5rqdc9jkebjyqxzmb69nw162hk56j125s6aaz4bxvf7f1gnzy79jxzk2wmkzbcwac1f3v6wc2e6dsecmw6thpbws28hdsqdfbkb18hrcjg7qsb0a9yjaja685nvdh90vycc00venawd453hk1nkm8pb2xnw1scay9bncyfrsk5mmevfdnd5gpsb58za8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%26client%3Dca-pub-5949640052836324%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 579560
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZneMFK3iEQ6S3%2F3SYgettmBSKIkZOrMTe5LgPaCfDgfF95ue68kS6GdLHfmyWejBaxg6YU1%2FT0p1Lx73RzVObDgrfFYkDlGP7qv8RtbOh5dYiE96J56qijPeYlWMAsm0PFnfgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7ba4d8fc7a758fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 11 Apr 2023 13:45:44 GMT

GET
H3 200 4-motor-legendaris-218x150.jpeg
otodiva.com/wp-content/uploads/2022/05/ 12 KB
12 KB 1002ms
1002ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/4-motor-legendaris-218x150.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b8b6891d80ca3011f9319fd015be66a1b05ef6febc67ef76d18ab3176bf793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11971
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-2ec3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B2cabHzqaKbJChXpvOc8AVBWqM4i4FNXa5N5DNP6%2BAMISeMa5wK7RMLDr7dN3cNXqAM4gP4Vt1jUPW9MsFCmDOrFKc3ouPXOiVyqC0UZTo0x7PL8CEG%2Bijb5sEyfwo%2Bljw8a1j5kPnixw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fc99fb373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B05 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 06:50:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED0E 0
0 69ms
69ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230413&jk=1222634675579513&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AB49 3 KB
4 KB 48ms
21ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 806
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ac9wkFZ9s%2BHbaVLkjEg%2FSKqjt6dgHn8kZ9Z12bD4dBrnpCg%2FdPBaidHszHX85moZBb4SODoEJw3MJsSNggJqy13lA3HxvJ0upbzKkZDy94zqSLFHPMbzgI378P4qD6cvgULhznXXunev3BDczlcCB5fd"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7ba4d8fcdacf6961-FRA
expires: Wed, 19 Apr 2023 12:22:37 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 73E5 2 KB
1 KB 30ms
29ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1318814
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7ba4d8fcb85a36e0-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 19 Apr 2023 11:36:03 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khl9JTa76GkLybU5H%2BVuN8VT1TMUM0KQot3cElCyHDnw5s6qJ3cpBkFDmu47jr23cpUwwD5y7F5FlprIhtLUMOAWQ%2F2q%2FCNmDWXxUMC9arpwiM0%2B4e9cGrR9f4VhhcM90ECefM8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 Wanita-Mengendarai-Motor-218x150.jpg
otodiva.com/wp-content/uploads/2021/08/ 12 KB
12 KB 996ms
996ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2021/08/Wanita-Mengendarai-Motor-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d217fff2f412129b99bc37c416534bb2298d291228b217c4928a77feb9cd198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12166
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:24 GMT
server: cloudflare
etag: "620e1664-2f86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxqgtqqWsbXztO3nj3jYO9JLi8wYQahyM%2FAH24aEd12Ar4IHbDd9LRduZuNr8raDF9e3EYoVg1WBm%2F%2F5R7l3dzISMQcX0cabGOqwgpqXI%2F6UP%2F511u5HKwNl8Q2j%2FSmApcbO%2FwRvJIwC0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fcba21373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 Pengendara-Wanita-218x150.jpg
otodiva.com/wp-content/uploads/2021/08/ 7 KB
8 KB 783ms
783ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2021/08/Pengendara-Wanita-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bb016f0e03354f4a5591e0240be2cad82c40ddb494cc5f90698be790a1ea97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7401
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:24 GMT
server: cloudflare
etag: "620e1664-1ce9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2B52tEXOvVf5v5m1HTCH1iGH9zKtuvRDhK2BqA%2B8gqGLEaBHCJVXEXAjvNuf%2Fi5P8dAtHkCJBEwCfs6YwT95NHPos0ALXvdGncopmnvE0TFgm%2Bvv%2BYkYdpv3QcsNKBVmMU0RC8uuNlwsfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fcca4b373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 Cara-Membaca-Ukuran-Ban-Mobil-218x150.png
otodiva.com/wp-content/uploads/2022/05/ 55 KB
56 KB 1274ms
1273ms Image
image/png 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Cara-Membaca-Ukuran-Ban-Mobil-218x150.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef9e18fb10d75fcdb5a9d8f7b7b45c8295d396155a9509a6af39481bd1153509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56392
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-dc48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRwYOaIgFHj5f1YS6ddC9m3luztZeR3RFlxABSa%2BFiVnan6zVfa5TjYmMgSeDWLk0r7LdMD5r1QTPEUUm1PgjZQ2gi16bAgpSyQA%2BEBHUeMOJRc3pfs%2BvwbNExJBLP3CeylSh1ZaBYPTMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fd0a8f373e-FRA
expires: Sat, 13 Apr 2024 11:36:03 GMT

GET
H3 200 Manfaat-Service-Spare-part-Mobil-218x150.png
otodiva.com/wp-content/uploads/2022/05/ 51 KB
52 KB 1244ms
1243ms Image
image/png 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Manfaat-Service-Spare-part-Mobil-218x150.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03495c0171294fa73bd0425a58f7d34defa4df787ffab900354d9d3d92f336b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52183
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-cbd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBdURXTEdENc8sKiK5e2M4QiCOHgjqEeOG5YipBNf3jcubtxVcDsZhYsxcAhqtqxsLdahqQY7927bEnYKfCsLu%2BnX1%2BBzM%2Fj7UcThqYgkyEkrWWFCSeLyDezfXix%2FYLXLknuHFbneZyZCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fd5afe373e-FRA
expires: Sat, 13 Apr 2024 11:36:04 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 40ms
29ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ba4d8fd8eb12d04-FRA
content-length: 24
content-type: text/plain
date: Wed, 19 Apr 2023 11:36:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1Dm8IGqMQGwC04adoi9HpEqqO6BNZenq3k3Xl8ggtx5DnjhJeebeEH7g1tMeStQxypND0CkN%2BOXBfbMu457lZ5jlMPc7KhvvB5esJ90yGSAOltL7BAsSOoszw5ux%2Br8PuERnIU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-pvdv

POST
H3 200 rs Show response
ad4m.at/ Frame AB49 2 KB
2 KB 47ms
46ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af22f22d1bc49a3b43baa9f288d53a6b67bd7f3a238a19bc92fecb13c1abbc0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4TMFIOPn48qltfbjHs7i3TqqceqDfMrrH7CQJl5UamQ5Ag2IWywnbaRZW0uAlxdoD26bzzXlD2OA%2BY9ez4W5z880K1U9QLWGifPK9Ow8mxqA%2Bzk8uNtFfjTlj%2BXvcqkcCosd54%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7ba4d8fdbf042d04-FRA
x-backend-server: aa-reachservice-group-europe-west1-pvdv
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Cara-Impor-Mobil-Bekas-dari-Luar-Negeri-218x150.jpg
otodiva.com/wp-content/uploads/2022/05/ 14 KB
14 KB 1001ms
1001ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Cara-Impor-Mobil-Bekas-dari-Luar-Negeri-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea42a029b40609f833cc23513d22825e2d0114329051e90f9e7012b0bd8cc0e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14294
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-37d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFDOZDbad2ngQUfAXK9jJpo7GLdL154T8pqfyfEAjucNdqf02idEl0A6BeLGdbJC4MzeUMplg0uwV1BCP4pgmUovhv7EIMom%2BD12FnVBiRKj4x0ecJCYQNH9%2BYTakqyhFrXakiNMivJeKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fd8b26373e-FRA
expires: Sat, 13 Apr 2024 11:36:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0B05 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0mkOhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Jenis-jenis-Spare-Part-pada-Mobil-218x150.png
otodiva.com/wp-content/uploads/2022/05/ 20 KB
21 KB 1033ms
1032ms Image
image/png 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2022/05/Jenis-jenis-Spare-Part-pada-Mobil-218x150.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

297d2be33ffc830e30c38cfd948b000b8cbd70921f6bc160f5610d2914243c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20645
x-xss-protection: 1; mode=block
last-modified: Fri, 27 May 2022 22:11:29 GMT
server: cloudflare
etag: "62914c91-50a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mD7Klk2y59ZS3IKRs4SwYeOFTR46kysqLwP9BHx80qZNqz99DbnknzbKKlCySfgl2pBeexywtCS508VF4RL%2FsSQCaIw5u96TLJHDcotYvouYmPTNPhPDgnuYcoUJWHLIyIGc63FOf9cswA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fddb7d373e-FRA
expires: Sat, 13 Apr 2024 11:36:04 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BD48 11 KB
5 KB 41ms
40ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9eec0653a08bd83578207b0705c52bbefd0b54a66100ab5b9e822d3026b8a7d8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jpyxp762gbftcmqnqd8g821q0r2kyfj1tb4wkex4e3metwzn6bvnvj1s1bba6wvgktn9kg6wg16mr66kz2d96ajbdyc1fqt6z0r21gp14t30jan6p6y9bcqkye77v2z7s4dknhqsz847gktq9ns9mks9ykf6tk5xvm6r0jdryght9gdfjb3pyej4sawtecqw7tj9nj3r78k34vcv03sem94zqgm07345dav4bbtqqcaprbabvc45xdqg185zt12e4f2xynhbfys5rqdc9jkebjyqxzmb69nw162hk56j125s6aaz4bxvf7f1gnzy79jxzk2wmkzbcwac1f3v6wc2e6dsecmw6thpbws28hdsqdfbkb18hrcjg7qsb0a9yjaja685nvdh90vycc00venawd453hk1nkm8pb2xnw1scay9bncyfrsk5mmevfdnd5gpsb58za8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%26client%3Dca-pub-5949640052836324%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ba4d8fe0a6736e0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 11:36:03 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 404.jpg
otodiva.com/wp-content/uploads/2019/11/ 198 KB
199 KB 1301ms
1300ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2019/11/404.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38599467206486ce5cb2ce2dc3c533d63b09ca4eba8307097d4d2d99bdaee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 202832
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:25 GMT
server: cloudflare
etag: "620e1665-31850"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLBYn1huglJ45gY88etAjtipc5idGBXJaMNHEHcS1%2BZBnY8pT%2BCPhOJgdj58EE5dKaaiT8OZPdr1ZFP%2FtpVccRngrukf0kRTTM0K8TkA7DmcPkvHCz8c7Wlr7Dg8FQ7l1JKW43fAPCohIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d8fe1bb8373e-FRA
expires: Sat, 13 Apr 2024 11:36:04 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame BD48 94 KB
12 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 693082
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tumsXlLMRmN9ahHoyxkLRa0ABVHRUebNUr4RopPkjqe2EkYsIsZ37E75G0ZS%2BA5ThpqauoloHUVItxzyEAha5Z50ktx8HrQU3wPg9oOHG0FKVxvxYE2rvYGdUcWsU7RfJazekJhWcxY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7ba4d8fe5adc36e0-FRA
expires: Wed, 19 Apr 2023 12:36:03 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame BD48 2 KB
3 KB 27ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 830769
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMR64b0oLFZGYkr5foMkgRW%2FsgWWqsmKzGL%2FxCNFgdMrhDGD1YNj6xE39oZFBvdIwt35x0N86GImILzZwWZXxUSfZJjgHZByYVX6Zy1iHhFpU5lAcKMqEMPuD%2FiD%2BGUwM%2F8pz%2BJPmBoqH6E1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ba4d8fe6cad8fd0-FRA
expires: Thu, 20 Apr 2023 11:36:03 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame BD48 339 KB
340 KB 32ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491752
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rOaFIZDu4bpdGq5v9QedmYdSgX0XqV18NpDfIXAKCqQCCOMRS6zJFP1%2BnsL38Ka1Q7Q28VlyVPQ%2BWa4%2BRKzT3tuJMAX0YBSIcb6Ku26Rf71xFlRIBoxwmal3R0X2WEhc3SpWDAx1%2Bri7442"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ba4d8fe6ca78fd0-FRA
expires: Thu, 20 Apr 2023 11:36:03 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BD48 43 B
702 B 90ms
57ms Image
image/gif 23.210.125.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-125-176.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Apr 2023 11:36:03 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame BD48 53 KB
54 KB 32ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1267250
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54554
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrq9bWbhURJKlcpNPGNl3y9MI1K4LPLDLjRAn0jMbMji3M5B7XuTDxCGlTI%2B5L%2FCm%2FP1vs%2Bw2S4%2FeZiUC%2BN87qHaNkiIhQ7ZoUPH9LnKWttMCbZ4auUscPhoc4cR%2BMFQEo%2F%2FJjmgK3tXRzdJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ba4d8fe6cae8fd0-FRA
expires: Thu, 20 Apr 2023 11:36:03 GMT

GET
H2 200 1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
assets.ad4m.at/product_image/ Frame BD48 21 KB
22 KB 25ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1867254
cf-polished: qual=85, origFmt=jpeg, origSize=60655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21982
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Dec 2020 13:58:13 GMT
server: cloudflare
etag: "39d52f1648dac315ebcc9c4fa4ed5728"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qi8u70pkItgaqCAHmGaKqs5gFSJc7CwVN4IpsDvPa%2Bz9tnxZd%2FIIV7QNZYkaJzr2SmWRSaKAnXRVTqhtbTvLzNBNuzPZ4l9C4%2BCL1XSsr7Bikrt3WPC4HOxNZM6HQRNBuUyr3dhOPO0W3r1N"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ba4d8fe6cab8fd0-FRA
expires: Thu, 20 Apr 2023 11:36:03 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame BD48
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CP3p46Httf4CFcaB3godi-IAVg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023041913360384076032895X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite...

49 B
1 KB

51ms
17ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023041913360384076032895X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023041913360384076032895X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 11:36:03 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023041913360384076032895X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023041913360384076032895X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
date: Wed, 19 Apr 2023 11:36:03 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame BD48 5 KB
5 KB 31ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 572056
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BhFSJ4ulAt5j%2FNa%2F9QCYv32J2DSMyLfSOL5DL1j94d3JZfeZTep85nT094lN226ztl9udyYyRpl1n8xB2MPjyFGxh8p%2FKp7CEDnYxQSlZlYTSv39FjdS%2BNAajyksBIr%2FLewoLrNskSI0tgS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ba4d8fe6cb08fd0-FRA
expires: Thu, 20 Apr 2023 11:36:03 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame BD48 54 KB
55 KB 25ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 967539
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9Os3tGe6TC4RVfwhZZcGamVCpYVhdqOMtVjIl9%2BEGfk9WpL5JLL8O1aUMZXfVVmBBiBLLie1heoPSfOWXeIofrfXSh4ZqGuTxpp7fCc8NTWDw1e5Jn%2FU8NgE0XpYOR8IAuXrnCxFjuMpB7l"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ba4d8fe6ca48fd0-FRA
expires: Thu, 20 Apr 2023 11:36:03 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame BD48 2 KB
2 KB 146ms
89ms Script
text/html 3.9.84.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k7vt25eze78prkdrckj8ghaw3vt90az84thk4ef9j7f1yx6e790en98276g3k5c65xmfvjaw0q6y68njmsekqvgtj8512qasamg6xfrzkbxpwfh78w8ftf4y1rbrr1d7grey5qq8erzpxqefsn5qfv6p9jbxxpmy4mjhkm02p9bge8y0ng25f5j5yv66z7j2b8tyvnew6y7960887se16sq8y1ykzyd9ggaas1x4jkqwnp3as46n69ccgn6824m8r7aa%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%252526client%25253Dca-pub-5949640052836324%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.84.205 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-84-205.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: dd6148126b703eb34592e7a0cbe81d7cfc699d62ff32897468d64948dd243772

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:03 GMT
last-modified: Wed, 19 Apr 2023 11:36:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 19 Apr 2023 11:37:03 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame BD48 85 KB
31 KB 52ms
7ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k7vt25eze78prkdrckj8ghaw3vt90az84thk4ef9j7f1yx6e790en98276g3k5c65xmfvjaw0q6y68njmsekqvgtj8512qasamg6xfrzkbxpwfh78w8ftf4y1rbrr1d7grey5qq8erzpxqefsn5qfv6p9jbxxpmy4mjhkm02p9bge8y0ng25f5j5yv66z7j2b8tyvnew6y7960887se16sq8y1ykzyd9ggaas1x4jkqwnp3as46n69ccgn6824m8r7aa%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%252526client%25253Dca-pub-5949640052836324%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:19:46 GMT
content-encoding: gzip
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 4578
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: -j88nkw4gq7D16UrZ20u_HgAV9JThhmn__bIFPw6jnd60H0la6P31w==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame BD48 15 KB
15 KB 53ms
8ms Image
image/png 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1681904463&Signature=inDRQgGjCq7lNHXAkZNepnMQcoccIsB4c~SuOqv7z~TYS3i-TZD6mxCt3Bf0kMVKmLAYIt5HQxd5pysTaqONY1G-Hl74hkXScmXiS2774Tf3H-Cy-skL32kp4I~Frjf4C7MWqJbWQole-eUH28X4YsPcc96a1rWg3xqa-kPDBCAr~HU9~7GasPcObczEUB~Su0QwxJtCu5sYbzh-RCS58YgaJWrs-a3X-XUjaPW2jh4o-J1S35VgjUtsMOkxf1kdD5lL08xiET5BA5dYQpS6V7Y4I7Dg8Zw7lxfwNzLDgkkHT9k3OPjtOwp8ik3QVG7TDPS~8v5KLia6dnJjplZ78w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 19 Apr 2023 02:19:11 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 33413
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: eLyC58Sd4bza0cTeN0jKmp1yEOmzDZZrzGxgg9XMzJcyyhw8YewxKw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC3A 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF-fjZeQXYf9KCXOlBYJUcPsO4a-GLRwg6Ijdr1qk-ZVkMtTPyWuOczaiOhrQhuLAFyBmvp3KT530fospOLnmjy1A&sig=Cg0ArKJSzE98s_KdK2DLEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=121,804,1000,1073,1186&tos=121,683,196,73,113&v=20230417&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681904162450&rpt=249&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8478 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 19 Apr 2023 11:36:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230413&jk=1222634675579513&bg=!kZKlksbNAAZA7GLoYOw7ADkAdvg8WoOuvTT4DFKaMXssqpoBB-XL49UEJmqVrlnWLQpbeEx52NXlKtZNeLwdRi0LLVTKwy64PtoCAAAAnVIAAAADaAEHCgBSnN-XV3MRfDTd_CipRe-8EbmEDoTMPwzg8tFxNlyi4SjOXOgKhwpONlo29GWPr5NrADll4iC2NJ9OVVOSyohrJoyW7n6FABiLMcj7yFRnOjtSx5kC6w4-Bmq3dPl2btJi61Nbizb3fFtHAGXuRFmSW6CMj7UrTZRGwknFi_36NkjNDsWljJqsGfpfxZXyPKCKzCxrawlIiqEd6x9zpx4fqHDluyxpKaY7zPVKSiGQTFcb17PCO_VsmzA-dVpk_R3IKYKlqKnXX9l6dHVIcxHn8UCpjOo4SM6HvCnp9H-7km6jd9HQGF_TAWumLG2DS_H6n-dc8zFpJ7bqeCnH20kFNv0gapggHLZM6h91ex7a2E4EDQrQoXamf2YKPXgT-ywRmw90KP51BqcZHg233s7N_DXlU3QhWRmc19p49-IlOdPM_1WOOOAIdzJ6J3mpz_2mBSROfPCBes1nHSI1phTC_IkdWePuUYFLUu_cI2J8zXxIo8GiDxPj5DFIcybRgXtbYzCTtaGTch8yLoCKMbhczLycHZ8T1bq0gpzeAopppgzXVon8rp_OTZuTt81vG31z_Cs3qs1kijRoV0nIz1D4NHlwm-li03fkxdShaAM4WKs79RPhN7yBXeRvVby1Isv5I3IO0hNiIJi1IWWgWyvkR3mKFWRVhY-cJKx9Z7Nyuyieukz21eUcQ_5vmWP_9D6xLx3JK2oN7y0-KJ_ZculzWmJXps7CwboFSc7ZbH6hCAhbbeXSgW1-ST6GSOWqInRyb38gp1hMkgTEUVVIX7SR1qFQ-XTVCfYw5zVyijOKuk-s5b3diOyn8-iwxQIMNE8N9v60hw6RZwWL_u0u2xTnV0zNxCG3dthCyTisKRpwWW8rcVlmhLwRmoNOkHg3r8GdYPLPvLmgOMhcXMwVll-PZ-7FE_D0ey5LqqvY1s6IGfO-ZRVkcmXuon3AUUCGbgEtztDBDUpSqriZ90nl18Fr2DaZ-fvtKk2ERlT-rvYW6nMLG-UIQ2lX_bKX_4lq5jRLqKR3h-tlHvakFIsifrDSqSvIzsRnzUSB20wIb5myeEEYlD19xygC6KfnHt9RNMMHDepMLlCXv0o59a5dt7030w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5875 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrZ_VnqGsyqqRNeuBaQyCvt1_IWaOZfdo-SK-90W59sqgf52mJWI1La3eVJOzE-i5A3DFRrgS-SOkU9GzmZfyn4DU5&sig=Cg0ArKJSzCcK5_T974ADEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230417&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2398503812&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681904162962&rpt=326&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 11:36:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame BD48 16 B
232 B 78ms
78ms Fetch
application/json 18.130.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.130.95.23 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-130-95-23.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 19 Apr 2023 11:36:04 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 73ms
20ms Preflight 18.130.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.95.23 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-95-23.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 19 Apr 2023 11:36:04 GMT
server: nginx

GET
H3 200 404.jpg
otodiva.com/wp-content/uploads/2019/11/ 198 KB
199 KB 16ms
15ms Image
image/jpeg 2606:4700:3034::6815:1bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otodiva.com/wp-content/uploads/2019/11/404.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38599467206486ce5cb2ce2dc3c533d63b09ca4eba8307097d4d2d99bdaee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:36:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 202832
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 09:33:25 GMT
server: cloudflare
etag: "620e1665-31850"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyLIGZ2Ssm6CnlkNPwotO6xLtPW8prp%2FagkhfIkSlx67DtoNO3%2FPaOXXhZC0ADdtU%2Fg3wouFr0l9KGV%2Fyx9fZEfJK0tLgq55hsY62ecAtk3Bxg6y5Q1te9RT4TEysBvQnA%2FFS4qBlT5C6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 7ba4d9081ab0373e-FRA
expires: Sat, 13 Apr 2024 11:36:04 GMT

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.otodiva.com/	1970-01-20 20:47:44	Name: _ga_LY8D8YR8N2 Value: GS1.1.1681904161.1.0.1681904161.60.0.0
.otodiva.com/	1970-01-20 20:47:44	Name: _ga Value: GA1.2.493008130.1681904162
.otodiva.com/	1970-01-20 11:13:10	Name: _gid Value: GA1.2.1003568925.1681904162
.otodiva.com/	1970-01-20 11:11:44	Name: _gat_gtag_UA_109987058_3 Value: 1
.otodiva.com/	1970-01-20 20:33:20	Name: __gads Value: ID=ba9d1d706eb74bb0-22fbdd2e9fdd0005:T=1681904161:RT=1681904161:S=ALNI_MZCtg48KIieZivJeOJmgS1rWPGVsA
.otodiva.com/	1970-01-20 20:33:20	Name: __gpi Value: UID=00000bd82b6da175:T=1681904161:RT=1681904161:S=ALNI_MYBiT-n50zk-cvrrEm2XFJNC8Rx9w
.doubleclick.net/	1970-01-20 20:33:20	Name: IDE Value: AHWqTUmV37Mx62cZWLKau3La9lDgtJ-lnRgtc4lU2N_mQLlhTKicB29TICgHxTykgsE
.pubmatic.com/	1970-01-20 11:13:10	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 19:57:20	Name: KADUSERCOOKIE Value: C2339017-D240-43F8-B568-C9147FA2D091
.adform.net/	1970-01-20 11:54:56	Name: C Value: 1
.yahoo.com/	1970-01-20 19:57:41	Name: A3 Value: d=AQABBCPSP2QCEKuGvSs_J-PSrWW5ose3uY0FEgEBAQEjQWRJZAAAAAAA_eMAAA&S=AQAAAufWcxl9Hy62jSyCcduvkE0
.adform.net/	1970-01-20 12:38:08	Name: uid Value: 7949330878999925334
.everesttech.net/	1970-01-20 19:57:20	Name: everest_g_v2 Value: g_surferid~ZD-SIwAD7Zq6xwBa
.awin1.com/	1970-01-20 11:14:36	Name: awpv20044 Value: 412871\|1681904163\|5db4c9a0-dea6-11ed-bcf6-22336c0ce064
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.o2online.de/	1970-01-20 11:21:48	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MTkwNDE2M3ZsZWExZGUyMDIzMDQxOTEzMzYwMzg0MDc2MDMyODk1WDExMjc5M1YxMjI2MTMyNzAyTVN2aWV3b25laWRaMjhmd2ZCZjZ3UlVtSERIRHQzdEpKWkM2U1hUUVFlZlk1akJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTI3OTM
.o2online.de/	1970-01-20 11:21:48	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 11:21:48	Name: webShopPV Value: ?partnerId=O2_AFF_RTG_EXA_15018&mediacode=AFF_la_112793_-HTLP&utm_term=AFF_la_112793_-HTLP&utm_content=O2_AFF_RTG_EXA_15018&spid=2023041913360384076032895X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MTkwNDE2M3ZsZWExZGUyMDIzMDQxOTEzMzYwMzg0MDc2MDMyODk1WDExMjc5M1YxMjI2MTMyNzAyT

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card(Line 2431) Message: Mixed Content: The page at 'https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card' was loaded over HTTPS, but requested an insecure element 'http://otodiva.com/wp-content/uploads/2019/11/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jpyxp762gbftcmqnqd8g821q0r2kyfj1tb4wkex4e3metwzn6bvnvj1s1bba6wvgktn9kg6wg16mr66kz2d96ajbdyc1fqt6z0r21gp14t30jan6p6y9bcqkye77v2z7s4dknhqsz847gktq9ns9mks9ykf6tk5xvm6r0jdryght9gdfjb3pyej4sawtecqw7tj9nj3r78k34vcv03sem94zqgm07345dav4bbtqqcaprbabvc45xdqg185zt12e4f2xynhbfys5rqdc9jkebjyqxzmb69nw162hk56j125s6aaz4bxvf7f1gnzy79jxzk2wmkzbcwac1f3v6wc2e6dsecmw6thpbws28hdsqdfbkb18hrcjg7qsb0a9yjaja685nvdh90vycc00venawd453hk1nkm8pb2xnw1scay9bncyfrsk5mmevfdnd5gpsb58za8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%26client%3Dca-pub-5949640052836324%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C19458%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=d8984c1d5e79e5ca6811f7dd83fb16d1%2F18242259206932164465&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1681904163491&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0dtnzgevjk2563w6gyjp90sxqstpjz94kbhdzjn00nn4xnmy2grxg5wyp31j56qdcnk9trbz155a9a0r1pqw7nd3wc3vsbb4bmkx0r455kdfyeh410p0azhaf8b2f7d6h8jgse52rwe78wpaa0vh0wz6s01dc15q3b2t8mz8pw8wg1thqc6tfjtcn5x8rsb34btpxrz0qyvkch15t8yqw0k0x8t5w44xv4hk1464kmz8cqfc9hzzcekx87880r0hr57bd2wk4e0a0rhy46c63v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfWh1ItI_ZKWrPK2O9fgPsr-WwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTQ5NjQwMDUyODM2MzI0yAEJqQIP8eY_0GKyPqgDAaoE6QFP0GJI4MAKD6xiOx8uPQ3vnMufW-uAdY9Kzdk84P0Yeze4HEd09NZOb8ZBfdOR7WFC4SryqemRuiHwZ-ezYxdXlfgQPkd7SywEsKJKJaxpqwBBExnGOf-AjWHwIVzJotiPSbBf5jrcvESMNRScuUwOwV5hbWEj-NLUaBI12kDKKCZ65dXEzQX6-8ydCaLivCSL29god4BPYuQGrOFNrRGZMAoL7HLQ4cVrnSB96O1_w7dk2Bs9j_duiJUdxJi303yedk9zeexvCoDfLm0BkV5FRsH1emlLoRJ9NCit0pxKKcwlhMaCLG7iWYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bFhc_6d0lYmSzpRiDsxHAXKHfdg%2526client%253Dca-pub-5949640052836324%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c1.adform.net
cat.fr3.eu.criteo.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
imageproxy.eu.criteo.net
match.adsrvr.org
otodiva.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
region1.analytics.google.com
rtb.nl3.eu.criteo.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
104.111.217.42
142.250.186.166
142.250.74.194
151.101.194.49
167.233.13.224
178.250.7.9
18.130.95.23
18.66.147.98
198.47.127.19
2001:4860:4802:32::36
23.210.125.176
2600:1901:0:76b9::
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:3034::6815:1bab
2606:4700:3035::ac43:a996
2606:4700::6811:190e
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9c
2a02:2638:3::10
2a02:2638:3::1a
2a02:2638:3::9
2a02:2638:d::2
2a02:2638:d::4
2a05:d018:d29:3605:321a:b7de:60de:298b
3.9.84.205
35.71.131.137
37.157.4.39
69.173.144.139
84.200.5.215
99.86.4.52
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01608d0d09b86704d6c31e69cae838a2c78b018d52598e27ec04e1e1eb8a6962
03495c0171294fa73bd0425a58f7d34defa4df787ffab900354d9d3d92f336b7
04ab3a7cacc0abe55fab532aee5f5cbe3dba52f86835d34b5ad1677a17fa79c5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d217fff2f412129b99bc37c416534bb2298d291228b217c4928a77feb9cd198
0d49779c18ebd3f8fd3bdcd0875328c20ed48b45d0724343fede4b7a435539d2
1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0
182e0738c8087e74049a16fda5d2fcc0a841f13b6ac8da3b909151ea4639372f
195cc8d1cc568e2ad7f92ec4d0ce8fb785476f79d603a785c542ec16ceaacf84
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1da40a6c62203202ea5b3473a5d95c95b2d26667e3f096e6680ed99517626b7d
249593749e31df1873df323187de6ce30bdfc0eb98d0703884a97e8c2ca6b361
297d2be33ffc830e30c38cfd948b000b8cbd70921f6bc160f5610d2914243c72
2bb016f0e03354f4a5591e0240be2cad82c40ddb494cc5f90698be790a1ea97d
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fc5e4d2ec8e703db912ea1834a035b96961ffa0c8bc3aa6d4b68e0c7fd12ab6
30e042b99cb3bcd6aa503cb7a43efadd97d3670993c850c01d5fdfbc6b222661
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33957b9ce68e37d05b5930c7ed96d40b4a3da4630f861d5416017de17a9b5f1e
356d3b3c00ed5b44e720b3fb80fb6b314ef7bd48e8266c528ce539c3dd4f0b51
363f0d9b7b2d636387468c551dae759b648af11e87267e7ae07621c5e19eb6ce
3870ef7428d7015e6ad76607ead8663e58f9e3a794e2bd196bd8a491871c3cc5
39594554ce584228b1113f19d2ee73099de4691de165ab1be148946b5e4c496d
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
42de4c706cb11215305adaef950fcc4d1f99bc15b7a40db694279ed9ca2928c1
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4c2cada4aef44330a9ec7431a59681fa7adc1039a5cb7c4cf53440f9c03e94aa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1f7427362df024745fd40242d4aff4fd579b8be37d94509a806494c117358b
4f207e85c8170f700689fe1a8b77772d2f4213fb220d36938f634432df3890e8
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59dfbc11001fe3c07ac5d377e9dfd2f3c33cb5585e72532defabce50109931c6
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
690b96d2559591f91a037476ec10a31fa8c92fcccd97dd48136223cfb70e6299
69b6c5964112ce4e8e53110896582831b5f8aace102ed20a1791958ecb19a624
6c8fbba5bac03e68ca24cb053b2552548375646d09a0273223ba8080d81498af
71b7385da88429fe481307698d5a1c7f35bde3b48dc53a95f1e9382f583603c6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
817d80040eab94290d414cc4ecc347559b00bf76ebddd34776e50cb7199ee933
830bde98f84de1d3b00b26c1267f5b16cd3b868e05b198336453c2967cd88542
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
887c12b910a8bbafc210fcefc731e2a5578a8418ffd1c9b7b5e05d56d7be298e
8acb3ebece5084734309f26390b7569fd1e29fae4d3ba17d5db546ffdd96d0d3
8af22f22d1bc49a3b43baa9f288d53a6b67bd7f3a238a19bc92fecb13c1abbc0
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99b17728d81082e7a6e0f8ed2f61b8bb249f1b08c8fe07e9503c18f12a8d797e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c35f53c887fd9af285dca6e99881e7f57dc0da8d226a282cf462c0349e4dc98
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9eec0653a08bd83578207b0705c52bbefd0b54a66100ab5b9e822d3026b8a7d8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2b8b6891d80ca3011f9319fd015be66a1b05ef6febc67ef76d18ab3176bf793
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6aa3fc50401f434cb70bf68c36f865b6eb8947cc7681e4840da98e13aab1f5d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
aca81375388e5168a0b776be758230812de2b740677dfad7a33e18e007669b9c
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b2067e7c7ca9c94e85bf58c2471a1e4e4eb6fa98434c4db24b2eda9da4a0c49b
b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8
c19f7515c0e6872457bcc2c4cc58f95aa6e968891d65d21dffd321bb2fda7574
c239f25cc0dd9c52307c39af6ff09742b27dc765f8e5693c1bf70b42462fa5d6
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c38599467206486ce5cb2ce2dc3c533d63b09ca4eba8307097d4d2d99bdaee62
c863cdd62f08d0ce87a9b38e66a98ad4335b7f980b3f61e22b9e1958285a5431
c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca45ddecb9284a53b3a937f3675777c7fd93569896eaaa043c7f0be96e5f0af0
cb6910ad21e44d1e420c6c3523f0d7d99fce21ac1a2f0380d2904230c0e2ba7c
cc360f79b59cf7aa3d67eb037905aa173433334802764ab1025bff78aef1fcaa
cc755790efd5c9836d68e3424e43a331a94e78b9097403d14fe94bfd9421c13a
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d0430beb254891a46106c24d7bd556893899b3417501cf55a9315f1dd9a07fd9
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd6148126b703eb34592e7a0cbe81d7cfc699d62ff32897468d64948dd243772
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e39f152f8116a53dcdb917dbd0d6ffaea88999842e7cbf87edc487a8cd28f105
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e434d92d534c2af35ba2838f1809e35052b15e4a06cc516c16f86f7910990f8f
e5bc429ca7f9d0ec4b8456528da09a550e2603707eacfaa93f6f2fa57eebe376
e76fc56db6a781f7f604b281948d4be6115b7fd1f95d0abc05ca22ec594f8b21
e895de4f58ade3e9cd2db4dcd61eb030c4d4f85274622bbb23755a34c41b870e
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58
ea42a029b40609f833cc23513d22825e2d0114329051e90f9e7012b0bd8cc0e1
ed56f55a3172715bbbf8763b0750fd37b8de0596526a1fc347c540d99f8835ef
eedd07643ced2ab37bedd26d36d5ceaab0a2aa13f868fc4d67287d52368c9578
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9e18fb10d75fcdb5a9d8f7b7b45c8295d396155a9509a6af39481bd1153509
f160fccb80792ceb1964410646f9d01f5dec118a16f48246bce0b3811991e931
f186056cb772ee11e76e908eb01d3e3911f8aaf1e9489533f1e7ae98c9c8a6a1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f9fcd4d63b97ec18ab2e89c66e859401dc79e525a677325c1032443b258f363d
fa5dbe24fc5509da2371a56742591f7e7e888f68fb1be322a060ccd4c187a2aa
fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c
ffbbdb917a08d399b7e075624930914a8a0674155a41acb42a135fa70efb5745

otodiva.com Open in urlscan Pro 2606:4700:3034::6815:1bab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

96 %HTTPS

62 %IPv6

30 Domains

45 Subdomains

35 IPs

7 Countries

3008 kBTransfer

6336 kBSize

18 Cookies

6 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

otodiva.com Open in urlscan Pro
2606:4700:3034::6815:1bab Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

96 %
HTTPS

62 %
IPv6

30
Domains

45
Subdomains

35
IPs

7
Countries

3008 kB
Transfer

6336 kB
Size

18
Cookies

159 HTTP transactions
3 data transactions