urlscan.io logo urlscan.io
SecurityTrails logo

ktby.net Open in urlscan Pro
2606:4700:3036::ac43:c8ee  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ktby.net/
Effective URL: https://ktby.net/
Submission Tags: tranco_l324
Submission: On November 06 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 14 domains to perform 93 HTTP transactions. The main IP is 2606:4700:3036::ac43:c8ee, located in United States and belongs to CLOUDFLARENET, US. The main domain is ktby.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time ktby.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    2606:4700:3036::ac43:c8ee (United States)

ASN13335 (CLOUDFLARENET, US)
ktby.net
11    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2606:4700:3032::6815:da (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ktbby.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700:3030::ac43:d70c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ktbby.com
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    192.99.0.58 (Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net
s4.histats.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
19    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
Domain Requested by
19 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
12 cdn.ktbby.net ktby.net
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 pagead2.googlesyndication.com ktby.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 ktby.net 1 redirects ktby.net
7 static.doubleclick.net googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com ktby.net
www.google-analytics.com
2 cdn.onesignal.com ktby.net
cdn.onesignal.com
1 onesignal.com cdn.onesignal.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 s10.histats.com ktby.net
1 cdn.ktbby.com ktby.net
1 ajax.googleapis.com ktby.net
93 20

This site contains links to these domains. Also see Links.

Domain
quranline.com
www.facebook.com
bit.ly
twitter.com
cdn.ktbby.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
histats.com
R3		 2021-10-27 -
2022-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://ktby.net/
Frame ID: 7DCEA270BF67BDE76E62EC9D2DC0D991
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: CDF01B6C76820C6999612D2AB4A0FAF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&adk=1812271804&adf=3025194257&lmt=1636079019&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fktby.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144109&bpp=2&bdt=166&idt=74&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3279405302800&frm=20&pv=2&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=93
Frame ID: 4B0704E9014518EF2047F82113878DC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Frame ID: 10A934A0CA06616D741FE70592C38573
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Frame ID: CC56F1112BA785F1CCB2CE1BCCAFC25F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 17CC1AFF61326B6684C6F56E5A503953
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: D0788C09737811F5E0103BC5069A9D3C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Frame ID: F299F36B4CBCC65052C5FBEC42175BFA
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 19A15871AF48930F1C9A381B24E317CE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 58A067A0E6D484758219EAF5BD72D747
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: CB0A26B5375352E59DD6796F5FF248B8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 45503BD110A5BA9262233A6E5C372374
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5E273E64A79A6C6D7E973C245B4EF67C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 18E8556BEAA8862B3071A4EB09E15018
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

موقع كتبي

Page URL History Show full URLs

  1. http://ktby.net/ HTTP 301
    https://ktby.net/ Page URL

Page Statistics

93
Requests

99 %
HTTPS

84 %
IPv6

14
Domains

20
Subdomains

20
IPs

4
Countries

1503 kB
Transfer

3016 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ktby.net/ HTTP 301
    https://ktby.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 74
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 82
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC31PHYRhCABBiABDIICjxqqdEjz2U HTTP 301
  • https://tpc.googlesyndication.com/simgad/16601714642090414425

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ktby.net/
Redirect Chain
  • http://ktby.net/
  • https://ktby.net/
43 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fad264da00c4af96ab5cf2be12a8954916da71a652db497102385c2e4acaf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Nov 2021 01:45:43 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=3, must-revalidate max-age=86400
last-modified
Fri, 05 Nov 2021 02:23:39 GMT
expires
Sat, 06 Nov 2021 22:15:05 GMT
x-cache
HIT from Backend
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
HIT
age
12638
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTU%2F3d3kktJahSZhwuyLkLES3gyDsmkzLcm6Y0IRHdm4hmnPvEUdt7ilFq5k8q8lR3aG4ON%2FQl2uYEAC%2FcNVE%2FJ3jnGl9dxuDGznA8KE5rb1ziU4y77PPkvhiaKypxPA7eKGrJfC1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a9aa4e18922434b-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Sat, 06 Nov 2021 01:45:43 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 06 Nov 2021 02:45:43 GMT
Location
https://ktby.net/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYVMQbjb4EVxYBcTM%2FUfxO2A49feZRa3UU5MD3FLmyHgHgPC9aCXWBgx3CI3AB3TtVwZwgEFurzdk8D5ZnVkUhr%2FDd%2FU3BsbYsGwYbnYerUIMY8BgA6sPnrEVtPcAkCcP8bTPkPUag%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6a9aa4e15ae8dfcb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
ktby.net/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ktby.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413357
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Aug 2021 02:23:31 GMT
server
cloudflare
etag
W/"6121b523-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T2NuVd%2BcWRAWpTLIbHbRGmk4ZZ1BRYmq7n8b%2BQZweeq0gFW7jfhLT09MNKFBI5z4YQnRSYDNUf%2Fip3Z%2BFguKZ0b51K%2FD233OOyWyS8YX0cAMO6bueYPrZ9R1HGuwHjj50opKPmaJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
6a9aa4e1c96b434b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
ktby.net/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ktby.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413357
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 16 Feb 2021 05:45:43 GMT
server
cloudflare
etag
W/"602b5c07-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2Vr479gbo29l7d5k5PxpFdPCZeJERq%2BI%2Fe5dzhn91zBmyrq1P4Z%2FHmctGpbjaSA4KpiO%2BQJ3UsaxSAZPP0WEBbnKjMVeB7cyaxeZBlhUrbA0uM2ZAy9%2ByBB%2FlLeiU0SIInfs7YVjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
6a9aa4e1c96d434b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
ktby.net/wp-content/plugins/report-content/static/js/ 		2 KB
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ktby.net/wp-content/plugins/report-content/static/js/scripts.js?ver=5.8.1
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5d5639b82f5074dff77948bdae5dfd171e36f0e0fdadb9dbbdf270a87697bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413357
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 17 Aug 2019 22:57:48 GMT
server
cloudflare
etag
W/"5d58866c-61e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3bYzZGnXj%2BWPcZCYCJF35FFCvv1rOYqFwZapuRq5BV5%2B0zBQBpL2mrn1sXQEq%2Bvo7pCWAAoPeRky8zHNPf5seYQtqHkWBWwByi2Fgc99mKXP5zno%2BdFTiQ9WrM1ADBlwyTpRyrEXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
6a9aa4e1c96e434b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ad71139814e3ac0ce09dc8d8e9f41fc87d1ede31a0d57404314652d80234441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51375
x-xss-protection
0
server
cafe
etag
7715589666198971785
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 01:45:44 GMT
ktbbylogo.png
ktby.net/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ktby.net/ktbbylogo.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fee95137f0d28fca6d0c570ad0cf5b40025573dc0a1705d64f23e61c2dbb7049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413358
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 13 Oct 2018 11:54:17 GMT
server
cloudflare
etag
W/"5bc1dce9-1292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPt%2Fuv0RJ4%2B9yeuTldWlKwK9czzx%2Byt8A8tms0gVeS%2BxwS2TU6ZIZbgxuymPoiceCRVn%2FJVZDaZ5ZpaRQ0hvQ5UA1ws8o9ppc5a2AG7LCQeO51rZQ6Um%2Boe9KGuguOI7BuZyb3w%2F0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
6a9aa4e209b9434b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
s1.png
cdn.ktbby.net/image/cat/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s1.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ac3aa652d2fd5feead11757dbe955909ada1235c97125edc98831f57b4f2c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:41 GMT
server
cloudflare
age
692750
etag
W/"287d-5a9f61ae40b82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PR%2Bkykv1IbXjbrpgzH5%2FW9xyq4r4SgOmYor0yeY%2B%2BgV3zE2vuVYb0fKXEhhzJs48zY6Q99JoqZ3VFmST73o6kDd2qX82weUDMLho22WBGGNUInOadKzvs%2F5eFY5QG06bgkdAM5b%2FiAYuGHqk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e22d054a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 28 Nov 2021 01:19:54 GMT
s2.png
cdn.ktbby.net/image/cat/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s2.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1936af52bc4c8c593000d5ed26e28d10bd5fd13e0e487c8c136f8fa7435bbe5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:44 GMT
server
cloudflare
age
692750
etag
W/"3156-5a9f61b086bf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kccAXw0YZYi3YHhH0pTR0AKTvVzwddI4EsdOiAdl9wysoUPiL27Ghi5ozpYg2JgetCKLdklaknUicYVTi90kcllajHw4wTva8mu1DaD860JPFIIg2Btfs8i1mlyWsFtFv7kRvbc6jvK8VmT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e22d074a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 28 Nov 2021 01:19:54 GMT
s3.png
cdn.ktbby.net/image/cat/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s3.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aac0e3458996426a1281c4bc65a598a856a4c039264e5d3a56f4a4dad9915de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:44 GMT
server
cloudflare
age
867649
etag
W/"2869-5a9f61b0efb9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21u0Q2eKn1B6R%2F5%2F8H%2FwsVvRNkbEHPxnpD%2FQ7HdzT5LxJLudSVUi%2Fc2kVKRmkMaHSpfyfyP%2FJcid62Etm8pLPWzh42DlkgCgmYhmdCl%2BX%2FjpJ0PpYNP4ZR%2BGVUMwFMg7aMghXADblqJzMzYx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e22d084a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 26 Nov 2021 00:44:55 GMT
s4.png
cdn.ktbby.net/image/cat/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s4.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb93e6537ef4200462b83b5e433f12ef6215c8baf206423e2c9a4c7e5e15f7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:45 GMT
server
cloudflare
age
1833920
etag
W/"2ca2-5a9f61b160079"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3gMIYEtUnKqZWv5SW940DV9VmF2aevsIQaF2PzMJQALTqGe9vKFHmbehyD5c0PmRdADWt2K3FXLlMnup9zD5OwAI6G51IFjDXrjefTH%2FeBZZehOgtwumb8%2BB4CpV%2BX%2F4Zwa7pcAf63MPAhK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e22d0a4a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 14 Nov 2021 20:20:24 GMT
s5.png
cdn.ktbby.net/image/cat/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s5.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09bdd641b03e2501936f11ce3c00d53393a5f0de06fbbfad1f9ea27c28f959ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:45 GMT
server
cloudflare
age
1833920
etag
W/"38d8-5a9f61b1ea74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zL1PYT%2BYAuyFaj245GUPh6eoSJN5cN0sf6EXW15QZ4sqqVYK4n701%2FYUXdHpAtsMDV1h%2B4Pa%2BqwxacjTagmjDqUSfn0Pcmi6HjRwXWXwAb1pfKcMz8AU7B4RtO8n6c5gy5hK0UcUgw1A8skq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e22d0c4a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 14 Nov 2021 20:20:24 GMT
s6.png
cdn.ktbby.net/image/cat/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s6.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
537867d50a5b6843315955688a042b030e1cca316c2ad526a04c740060b8aa4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:46 GMT
server
cloudflare
age
1833920
etag
W/"2f5c-5a9f61b2565d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3lgBG%2FTOCsmsfUFUN1wd7IEMTpIbFN%2BwnnfyWPgdnsuoHR2eXN0QQur8JA2WQaccyG5lU9JxnOU8DYb9oIQ3tEd7%2BO%2BQy%2BkKLCSUmG%2BQFKPE%2Basy7mnGF%2BE0OKuQY2X0anNeFj5kF83yNR4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e22d0d4a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 14 Nov 2021 20:20:24 GMT
s7.png
cdn.ktbby.net/image/cat/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s7.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1913146e6ed3d20df58607acb609cd07c0d58c0cd1f8a6be449cd47bfb89748e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:46 GMT
server
cloudflare
age
1833920
etag
W/"2788-5a9f61b2c6e9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usGcRJt%2BzwBCxKkyloYpiNNyCosJXT9pvTUQH7%2BHZBggmCX2EOaVQuCX0QuacatU1HxMC683EvcmLnp1ZB8QOvZ11CUmUswRvN%2FfTz1UXiYh3POKoPLV0qB95tQ9JTP3JhIuh953rbtqE3y2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e23d104a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 14 Nov 2021 20:20:24 GMT
s8.png
cdn.ktbby.net/image/cat/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s8.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c5d83b84e05c9c52c4a6734c65d90d957ce9aca15f36874169d55a81ea6a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:47 GMT
server
cloudflare
age
768361
etag
W/"2fad-5a9f61b361359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0UNrM0mQhb8ehlEgidYjhpQi4inW%2ByyoGraOQO0fmv7EUPsuBK5lUMKF0ekuITCaCXopwtDZ3L3HHTeyinZuqUUO4Bts4SR98Avqs8s%2BZ03JJyjPtfPiBxXrTnioZHFPIA37DGT3Vo0WdBa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e23d114a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 27 Nov 2021 04:19:43 GMT
s9.png
cdn.ktbby.net/image/cat/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s9.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83353cdb1a30087b5edc96a999fffdc469c94b3eef9507ea8aaee4b95ef4ed66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:47 GMT
server
cloudflare
age
66754
etag
W/"32cc-5a9f61b3ca305"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htrTapNu9WYVkQpRYKu7n3HB0XHku8cg4e7ivBttTm%2FkE8Gr3hdox27k4LttuNHe6GWxGmLrcc%2F0j%2B0%2B6G0d0al2%2Be74MMkePwaS6droWIAe5thjxS2moeNY6AVrDdyszM6rZC8pFpXV0IO5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e23d144a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 05 Dec 2021 07:13:10 GMT
s10v3.png
cdn.ktbby.net/image/cat/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/cat/s10v3.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f21669cd2bf674c4993842c1905167ecda4f4c8206c6b981d0b2579088914e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:02:43 GMT
server
cloudflare
age
1833920
etag
W/"3c92-5a9f61b01c8bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47v8VXyhcEcJVAZaK2H3YD6399YoHwB97I4l1kgozmUdba5x92%2FwNEMnCBkO7nfIma3uH9sS4l5mffJ757617yZzaby7W0wUTwMRGHpGvTUlob9TKq9d0jqF2BPN8%2BhdL7uOWHV%2FP7WQz4eO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e23d154a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 14 Nov 2021 20:20:24 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 18:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Wed, 02 Nov 2022 18:12:16 GMT
friday.jpg
cdn.ktbby.com/image/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.com/image/friday.jpg
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d70c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6eb41a82ca992c4017d011d4994fefad35f81c506075c2254c6026362abb49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48067
x-server-powered-by
G-Fiber
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
82404
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
last-modified
Fri, 14 Feb 2020 20:30:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4I%2BLJ9EZQ6IKQ7gA8d%2B%2BIgeDzrqHvfITtAuPwlAh3HsE95duVIIOLdZViGUhPARYK6LnqrvNT9qYuYAJiibvbbYKMoveucd1D7C%2FAl7nD6NC2B1Ir5yIx9DCOSwtbztSeauh%2FVJwutspf2X"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a9aa4e23aa05c62-FRA
expires
Tue, 04 Jan 2022 12:24:37 GMT
saudi4.png
cdn.ktbby.net/image/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/saudi4.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1fdb5289629e31a5bb9b8b21087651dbb98d0222908726bdccc1635e096e77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:01:58 GMT
server
cloudflare
age
1833919
etag
W/"1d27a-5a9f61852a00a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtlf3PXfjDp07bnsM1zm1ErN7umACwETSTDMorMW2aFBYWMJC7g52fqYIw6udhyQgtk2AOBWGUg%2BavT0Eta5XzopyNj7sPHv62yW2oM3%2BYEIZCYk404UeHKEY4Ndi0YDrbciOYk1xU%2BxQXcg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e23d164a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 14 Nov 2021 20:20:25 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
680
etag
W/"d24a6d0ec1286eeadae131b33275a983"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a9aa4e2390e5c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 09 Nov 2021 01:45:44 GMT
wp-emoji-release.min.js
ktby.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ktby.net/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413358
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Aug 2021 02:23:31 GMT
server
cloudflare
etag
W/"6121b523-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mf8ENu%2Fx5w%2FuSKyFbUDpVkGvwFSbycjMgGx5Di38JIlhD4NFLxUjQ1NCtEAN0alz%2F0tnwjYAzdea1lx4HIJHNoMgiSkTs5YwJqw6kMJp9LyqAMG8t06nu%2Fj%2Fmr97BX8bw6CCqUECEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
6a9aa4e209bb434b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg.jpg
ktby.net/ 		59 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ktby.net/bg.jpg
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74bf829a6f70c8864e09837efb8ce29fa5b0c2379179f6389cead1e02ecc2fbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413357
x-cache
HIT from Backend
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Oct 2018 15:03:12 GMT
server
cloudflare
etag
W/"5bbcc330-eafd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1uWx3U%2BtfWphVpYo2anRVtx%2FmF0TpQEaJiGjulO3Bp4F4Ir9BrnH6PkoSRGtLa8He4gj%2BcFZuNkyszm97%2BBvC%2FBSGb%2B%2BafqQWKAlXqEqsHnzI%2BwIcOCPmaWX9nZAa67KlZQABd%2Buw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
6a9aa4e209bc434b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pattern1.jpg
cdn.ktbby.net/image/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ktbby.net/image/pattern1.jpg
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb37bd6725445cf2cdf1333ddde9feba241ad40efc43d18d5ccb7be92577a9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 23:01:53 GMT
server
cloudflare
age
1833932
etag
W/"10bc-5a9f617fd7f3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiW5vPvZX55oK92O1dHfNucNv0SaOXBvg6Y6Fj9TVd6iBvDoAsreesDirv45Oz8I6GASCyRGnMcG6eQ2FPQWnq3qG9vBT5cRNpczx87Xlw3s1KgkSOI%2FrFesOy%2FtQnUeaF7eHuGq75Icy7Hz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9aa4e23d174a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 14 Nov 2021 20:20:12 GMT
ktbby.woff
ktby.net/wp-content/themes/ktbby/font/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ktby.net/wp-content/themes/ktbby/font/ktbby.woff
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
befacc9e7e968a1a8e8923804ffe6e2ff22aa0e2b94e78c71d1426ad1577ecb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ktby.net/
Origin
https://ktby.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413357
x-cache
HIT from Backend
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 08 Oct 2018 21:22:32 GMT
server
cloudflare
etag
W/"5bbbca98-89bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gh98QPx6iC1M9rfAoaGfAj1Vixmkm8MKz1nj4B7h0Pd3yuPiwsLqNN1MYajn3PPxzcySmwmTZBmyWzWUDRdyipFsJkjTSRkVunghOnsR3Ms3j5rstHUzW8fl%2B6eEXMDoZgITofRHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=315360000
cf-ray
6a9aa4e209c1434b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
search.png
ktby.net/ 		264 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ktby.net/search.png
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f241138584bca7e6bee454486f68d978f485833f4a4491cb3c5cede5c84dc55f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413357
x-cache
HIT from Backend
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
264
x-xss-protection
1; mode=block
last-modified
Tue, 27 Nov 2018 17:47:31 GMT
server
cloudflare
etag
"5bfd8333-108"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uD4FEzpuYIxtstHiJ5PhaOQ2XnZGyPp3N9NQQKySYlcftA41I%2BHgjTSNpThmYpxQoxLctifxqIwItoYzk89R3sED8fPhixzcjV%2Ftb0%2BU%2F3W0tX94x3Cf1wyyY57EbSxvbRHCHr%2FTfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a9aa4e219cb434b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ktbby-bold.woff
ktby.net/wp-content/themes/ktbby/font/ 		33 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ktby.net/wp-content/themes/ktbby/font/ktbby-bold.woff
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e23d8d3769f6e3ffaf38745858509883973ae5b45f44910a62efe70ff20010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ktby.net/
Origin
https://ktby.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413357
x-cache
HIT from Backend
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Feb 2019 23:42:13 GMT
server
cloudflare
etag
W/"5c58cdd5-820c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FQKbPxXmYYjZXncRZelWJg%2FkNNgqPjxI0H0RhySZaYiJAFZBFSDVirMAmKKa2KY%2B%2BgM5xcDbVQi3zRzE0QbsB0%2F2WZ06lKPjIk9xLlr%2FxOHR4D9%2BwhOUST4PNyYvfCgUkEjiTdZ8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=315360000
cf-ray
6a9aa4e219cc434b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:44:55 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
225282193
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
6278
date
Sat, 06 Nov 2021 00:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 06 Nov 2021 02:01:06 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/ 		268 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f98081076194f6885070d6ff9f5b86eb631716f88436a9e787850e6bb110acad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98224
x-xss-protection
0
server
cafe
etag
9040437908421206644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 01:45:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame CDF0 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 05 Nov 2021 18:47:13 GMT
expires
Fri, 19 Nov 2021 18:47:13 GMT
content-type
text/html; charset=UTF-8
etag
2948287274155451234
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4905
x-xss-protection
0
age
25111
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
512
etag
W/"f5b476c39d3850a1e9c745df927a7adc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a9aa4e2e9ac5c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 09 Nov 2021 01:45:44 GMT
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4165023&@f16&@g1&@h1&@i1&@j1636163144145&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D9%83%D8%AA%D8%A8%D9%8A&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-13572612&@b3:1636163144&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fktby.net%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500326.ip-192-99-0.net
Software
/
Resource Hash
8adfa56977d1aac71ff78f5be90d8dfa9b81e4c1e20a27523136b95476c3db22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 06 Nov 2021 01:45:44 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
collect
www.google-analytics.com/j/ 		2 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=692690799&t=pageview&_s=1&dl=https%3A%2F%2Fktby.net%2F&ul=en-us&de=UTF-8&dt=%D9%85%D9%88%D9%82%D8%B9%20%D9%83%D8%AA%D8%A8%D9%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1539064657&gjid=1012589981&cid=1245411244.1636163144&tid=UA-98498605-3&_gid=1419895411.1636163144&_r=1&_slc=1&z=607769484
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ktby.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Nov 2021 01:45:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ktby.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		198 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ktby.net&callback=_gfp_s_&client=ca-pub-2189853987733853
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
be4ef236f66f31408041ce41f2aabdb0330b0c2753cb780f83dde302bc4dfbec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ktby.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ktby.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4B07 		150 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&adk=1812271804&adf=3025194257&lmt=1636079019&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fktby.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144109&bpp=2&bdt=166&idt=74&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3279405302800&frm=20&pv=2&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc91cf686ebb7af97aeb6082d4f3f662d4219f891e0b537e647dbf18e94ffdba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 06 Nov 2021 01:45:44 GMT
server
cafe
content-length
41412
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 06 Nov 2021 01:45:44 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 10A9 		101 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7800b21c71f175e9a4ceaa8fcf2fbcb006838dc3d20209f1e6901f85fcaf17b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 06 Nov 2021 01:45:44 GMT
server
cafe
content-length
29464
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 06 Nov 2021 01:45:44 GMT
cache-control
private
web
onesignal.com/api/v1/sync/b559d2ab-6bce-4501-a873-c2e62667d750/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/b559d2ab-6bce-4501-a873-c2e62667d750/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b52d5b543fe6656602132f50b561f45b4ea2947d71af6e98d0cd03decfebe10c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1191
cf-polished
origSize=4518
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c164846d-6688-4e79-914e-b2261f220eec
x-runtime
0.024934
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"b481a2dfc81e5bef7ec17c967774b13a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6a9aa4e37a505c20-FRA
access-control-allow-headers
SDK-Version
expires
Sat, 06 Nov 2021 02:45:44 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CC56 		92 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a5b1ec701b85769c9e77779a41c2ca80ff8d5d4024a9627f19dce831fffad8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 06 Nov 2021 01:45:44 GMT
server
cafe
content-length
29028
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 06 Nov 2021 01:45:44 GMT
cache-control
private
11135040977780650923
tpc.googlesyndication.com/simgad/ Frame CC56 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11135040977780650923?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk43VzszrYTu01Hty7KRkCgtinjWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
038952f25fb0caef40129d96220518a7e40776f93ef5c59072a83be476e5e228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 06:23:23 GMT
x-content-type-options
nosniff
age
156141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102803
x-xss-protection
0
last-modified
Wed, 19 May 2021 11:00:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 06:23:23 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame CC56 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:14:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CC56 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:35:13 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame CC56 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Nov 2021 18:14:59 GMT
x-content-type-options
nosniff
server
cafe
age
27045
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sat, 06 Nov 2021 18:14:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CC56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CI0EDSN6FYcm0D8rE7_UPwqKviAmniNabZpTn0-ynDp64iLaDAxABIJmWriJglbqsgrQHoAHd-qHSAcgBAqkCcIwVx5Nnsz6oAwHIA8kEqgTCAU_QdwIKBaGJHL8-rfpZkLNuAfO1SSss_i55Bw5JJ92Lc9XcjWLE9riqyRSvxorP3N-ZtNJngb8bIBNqDj-BICELiD8xJu-41Jk51Q-BJxSUpyoQxHKcTbUlfRSuC_gvAQI6BN1c9C0UZfS_oS7xifNUHhyrpGWOLMQ83VPaiRRRz5DiOLfvSpd4j2kzVef1LTdT_cn3xLBQLnZpAQVIhvheIfnoKN8a76jF1NvJY50GrbGKzgUORYEv5ItA_OK4akxiwATXh5aYyAOSBQQIBBgBkgUECAUYBKAGAoAH-aXmrQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ7NUD0ggJCIDhgHAQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTIxODk4NTM5ODc3MzM4NTMYAA&sigh=J62HGQOYC5Y&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 06 Nov 2021 01:45:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 06 Nov 2021 01:45:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CC56 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:41:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC56 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Nov 2021 01:45:44 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CC56 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 10:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11538
x-xss-protection
0
server
cafe
etag
16299297374704173702
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 10:19:27 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 17CC 		143 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 06 Nov 2021 01:37:38 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame CC56 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
206de59f1f591b65bece8861feab3bad88bc05d148da8376aae5c77669b1f521

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 17CC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 06 Nov 2021 01:45:44 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 06 Nov 2021 01:45:44 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 06 Nov 2021 01:45:44 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame D078 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=280&slotname=7378578754&adk=4147339831&adf=3814482387&pi=t.ma~as.7378578754&w=1115&fwrn=4&fwrnh=100&lmt=1636079019&rafmt=1&psa=0&format=1115x280&url=https%3A%2F%2Fktby.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144113&bpp=1&bdt=169&idt=117&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fGiNRnGOOT&p=https%3A//ktby.net&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
362175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:09:29 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/ 		148 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da0fb6564d80588b19e1e16d735a49ad2a497754e89185116a7f86ecd57bdafb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53630
x-xss-protection
0
server
cafe
etag
15976513875689127474
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 01:45:44 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ktby.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ktby.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/ Frame F299 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 05 Nov 2021 18:47:31 GMT
expires
Fri, 19 Nov 2021 18:47:31 GMT
content-type
text/html; charset=UTF-8
etag
2948287274155451234
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4905
x-xss-protection
0
age
25093
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame F299 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 06 Nov 2021 00:43:14 GMT
server
ESF
date
Sat, 06 Nov 2021 01:45:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sat, 06 Nov 2021 01:45:44 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F299 		205 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 01:20:13 GMT
x-content-type-options
nosniff
age
174331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 04 Nov 2022 01:20:13 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F299 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 21:38:54 GMT
x-content-type-options
nosniff
age
14810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 05 Nov 2022 21:38:54 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame F299 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8166
x-xss-protection
0
server
cafe
etag
3013067873597081824
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:38:54 GMT
css
fonts.googleapis.com/ Frame 19A1 		3 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 06 Nov 2021 00:44:50 GMT
server
ESF
date
Sat, 06 Nov 2021 01:45:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sat, 06 Nov 2021 01:45:44 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 19A1 		2 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 00:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 00:08:17 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 19A1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:14:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 19A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:35:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 19A1 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Nov 2021 01:45:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 19A1 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:41:11 GMT
5193475774055ccce470a7af02e48ef6.js
www.gstatic.com/mysidia/ Frame 19A1 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11340
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 04:53:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sun, 30 Jan 2022 21:11:57 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 58A0 		143 B
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 06 Nov 2021 01:37:38 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 10A9 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 00:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 00:08:17 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 10A9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:14:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 10A9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:35:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10A9 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Nov 2021 01:45:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 10A9 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Nov 2021 01:41:11 GMT
5193475774055ccce470a7af02e48ef6.js
www.gstatic.com/mysidia/ Frame 10A9 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11340
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 04:53:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sun, 30 Jan 2022 21:11:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 10A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjU0uSN6FYe7zDcWO7_UP1eCLmAuZpaK_XbeVq9WnDeqqlfmZGxABIJmWriJglbqsgrQHoAGkpa_FA8gBCakC66QydtQ-gT6oAwHIA8sEqgTAAU_QyTdNwvfw6tsnpPZTLYQPKukGQPkR3dFCLZvPfwOJ0wF6aGCExuauwxQ3jYdSWnRVgPxsQ7j4Voi-rd-l85hwhvPqFIBlhfIaJu-k9Zq0yaPUNkcWPM256f8VOxUf05d7_ZtBn6Zmzem2T6MDTmW5n-il2zIgnSQjxpssFGtHltNChmThvMAA_SME27NT_grGMYDhAW1jQYJMMtR0riGYgstWKBDaqpDuNWN3P5R2fCkdx059xsmLRZHjxjsp4MAEy6r9vJADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8Ta0DqoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEJ3DBdIICQiA4YBwEAEYX4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMTg5ODUzOTg3NzMzODUzGAA&sigh=_xL7wxuXVms&uach_m=[UACH]&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 06 Nov 2021 01:45:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 58A0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 06 Nov 2021 01:45:44 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 06 Nov 2021 01:45:44 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 06 Nov 2021 01:45:44 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4825605275401550467_17640743392951118681.png
static.doubleclick.net/dynamic/5/83933682/ Frame 10A9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/83933682/4825605275401550467_17640743392951118681.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c837dd4644fcc5c00e0446093d3b0e270839e45e360fb37c8b35a906b169066
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 11:35:25 GMT
x-content-type-options
nosniff
age
137419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13085
x-xss-protection
0
last-modified
Fri, 27 Dec 2019 20:50:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 11:35:25 GMT
14687992510527584665_13134855359079020217.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 10A9 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/83933682/14687992510527584665_13134855359079020217.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ee7ef6a0cb12e4e66fab382233a7c0514837acc2ef7b387b58224fbad34c565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 15:51:36 GMT
x-content-type-options
nosniff
age
122048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 15:50:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 15:51:36 GMT
2179583938320427860_995757667700144001.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 10A9 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/83933682/2179583938320427860_995757667700144001.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f363a484295a87ddcc868c353257c71422f512ccb42866f5b3479f46c8a19aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 02:02:04 GMT
x-content-type-options
nosniff
age
85420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12522
x-xss-protection
0
last-modified
Fri, 17 May 2019 20:58:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Nov 2022 02:02:04 GMT
11631560529291161341_15573949333364182738.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 10A9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/83933682/11631560529291161341_15573949333364182738.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44c4dadb22fb073f7a1a8a75d01bf385c40261b0036b7940948bacc606877719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 08:57:11 GMT
x-content-type-options
nosniff
age
146913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10372
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 15:12:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 08:57:11 GMT
14779884529277471695_5779848087768760067.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 10A9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/83933682/14779884529277471695_5779848087768760067.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6541fd16277e1cf9e5717386806cdb46b5deb8e306a7bf8225fb3c1309c0658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 13:24:38 GMT
x-content-type-options
nosniff
age
130866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9884
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 16:29:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 13:24:38 GMT
16928933512071875018_10649201908143228687.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 10A9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/83933682/16928933512071875018_10649201908143228687.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 08:16:42 GMT
x-content-type-options
nosniff
age
149342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5025
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 19:02:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 08:16:42 GMT
12978411117903458795_8827272134848545894.png
static.doubleclick.net/dynamic/5/83933682/ Frame 10A9 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/83933682/12978411117903458795_8827272134848545894.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eb46df5697de9fd0ce0abe32b5e8ab623b5ce28fefbefec48c4f40a30de81a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:12:17 GMT
x-content-type-options
nosniff
age
362007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20712
x-xss-protection
0
last-modified
Wed, 07 Nov 2018 14:56:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 21:12:17 GMT
16601714642090414425
tpc.googlesyndication.com/simgad/ Frame 10A9
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC31PHYRhCABBiABDIICjxqqdEjz2U
  • https://tpc.googlesyndication.com/simgad/16601714642090414425
95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16601714642090414425
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f819cc09a49486b4aaf3139951e60601106f0909ab6a0bacad1f7af5d504a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 11:16:32 GMT
x-content-type-options
nosniff
age
484152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97641
x-xss-protection
0
last-modified
Sat, 15 Aug 2020 18:33:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 31 Oct 2022 11:16:32 GMT

Redirect headers

timing-allow-origin
*
date
Fri, 05 Nov 2021 04:56:06 GMT
x-content-type-options
nosniff
server
cafe
age
74978
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/16601714642090414425
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 05 Dec 2021 04:56:06 GMT
truncated
/ Frame 10A9 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3a8f84d27aa7856c0337afc0fb7c761278fddbad28a32089066c9ee6ee731bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame CB0A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2189853987733853&output=html&h=90&slotname=2854277753&adk=3313486126&adf=407262749&pi=t.ma~as.2854277753&w=728&lmt=1636079019&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fktby.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636163144111&bpp=2&bdt=167&idt=96&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3279405302800&frm=20&pv=1&ga_vid=1245411244.1636163144&ga_sid=1636163144&ga_hid=692690799&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31062930&oid=2&pvsid=1017411801439681&pem=566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=u0i5NDRBAx&p=https%3A//ktby.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
362175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:09:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb7cfc875533a3144c3e08ccead100b45db955afbc62954be6a1e3315e8b7b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Nov 2021 01:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9349
x-xss-protection
0
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 4550 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: ktby.net
URL: https://ktby.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
362175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:09:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2189853987733853&plah=ktby.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 01:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 06 Nov 2021 01:45:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5E27 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 05 Nov 2021 21:47:04 GMT
expires
Sat, 05 Nov 2022 21:47:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
14321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 18E8 		783 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5df9b825a5f55f84cb2478330243ba59ac9410759293dabc837d5ce82246cdc6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rwQ1/Uts7S6WdIigy0ApAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 06 Nov 2021 01:45:45 GMT
date
Sat, 06 Nov 2021 01:45:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-rwQ1/Uts7S6WdIigy0ApAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 5E27 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
362176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:09:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 18E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=1017411801439681&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211103&jk=1017411801439681&bg=!ExClEFTNAAYH3anuB907ACkAdvg8Wqs1uoWQ9kNSOTMG-N-DhkRMv4JFdHWAMFX34hJu9uCrrXuH8QIAAABmUgAAAAdoAQcKAMMQMX8ZvCDw_jDgAG1YkeHe2KiiY5vtqv3xF9mOZZrmxL_BonJWEEekRqYySt900K_xQREMGQEU0wRDBDGYfrlWjCbwiAksbITaicZExkZHmhEbXGLHpsBBiDfX_SKN9fc3hDmb-jyJavHjMpMYFWf7_iEkc6XiNPpjhYE19nAAvT7mk3BCOqJLJ0aay5uqfmM7A5iGI4pAK6zEKn7EUia0_Ubed_kNkb2OaPC3M7sse_jRfkqeJ02otZqXmrSLTkBALqqZAr6EZDre1ysujXdZWZ-mTZzSH4YtbqlcC4_VfoYDc5Qo6WosuBf40WkKV_X21koYNrEDvrXbrOG4z1vgA5A87pvfVa9pnx6ISSI3hPUS5DZNt2yEWwidmXxyYPOg8LCExx1U2auiachT81wyVnoADETn0AFF9dEbEQJXrwh3yadb7AFtHy98FNI4e4vwzqJwxaVt9Puon33wOZKIVCMKfoCSlMIsKH4Z-Je2KhAMnoRC_-1f8CEDPQ-rYcFnFiip-wE3npmW7d5TpfIaTS4GIfnS4VnfFwCcd1blygPJQkIYQSAB2hrtwWOAN4kc6TntXllTTcl1D8DiGKkXKoWekg_rKHFnyrdXTw2bBifqNdChJWq7_-hITmSxUL9ZmnqTXluOpAko_lAbgBY3lTMgmnQ74Qsu-62UBtXo1NKyHVjXUGd9FM7EQPmrXGRCND1tmD_QMmAELMoxzTr_VjkE7S7CLMsK3l1f-JW4OQy2tpS2G9N0-ldWpb750UXxhiKhuh6TeGRC8w7U-88ZsmWKtrCizerjNZHbnuGTeZyIPp8QbrgjRoQDs8Pr8KC-nE3MCCsj7cQZ_urwAswU-r1zxFfIj8JibTExeXuEw64joGlFKWcBhEqKZb0TtEXHzwd9DghbjPs2SSlJGZ6f4cKMm8FZUxJ4AC5piSDEnkZu_YC5bvbOa03jDDUUgR6JU5ujDywvbblARZnBP6LLbZ396ckFC0TjbW1vrUJEaQIp-T9x9QS8sLeiCk996icFiqnJNsdxy5ElIsQPo671CMpOvRbvHMg9XVMFoWbDrZABeviKRW71xTlLChP4HChRCntpUYcslntXN9UBbTqdCyJFQ4vw9AwNBT_5ScSAfa99_JidB2g5rVZQS0E3BBN0wzmRF9SkHuEyTfhFZLOjEMCJkdL-rwZdytD8-rINDcuMpdA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktby.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Nov 2021 01:45:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 10A9 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyzqO_86ROKC1bUmJuJDuJIrUJ7_I326YIo_-v7AzGXRCU50mqDxZkk7cSAH-OadcvBXAzXVtPdQBOyhh4Q44TwKzvBfbg4_VYKRgqKA-z-1BUiQyAkw&sai=AMfl-YT8IbKyTDL5ZcxzJvFU91GUnUBybmR3T5DqsyrFrBK73E0xuTeNDap5Rp51A_1Zv-15CUEYHdNKGhsC&sig=Cg0ArKJSzK6TXpAtcuIAEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3313486126&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636163144214&rpt=726&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Nov 2021 01:45:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings function| $ function| jQuery object| wprcajaxhandler function| clickIE4 function| clickNS4 function| disableSelection object| adsbygoogle function| OneSignal object| _Hasync string| GoogleAnalyticsObject function| ga function| takemetodivktbby function| takemetodivktbby2 function| showhidektbby object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| twemoji object| wp string| google_user_agent_client_hint function| chfh function| chfh2 string| _HST_cntval object| Histats object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| __oneSignalSdkLoadCount function| __jp0 object| _HistatsCounterGraphics_0_setValues object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.ktbby.com/ Name: __cf_bm
Value: V3oZEcVOTT0GW3mCMlkHoFxtmCk8uL4g2k.777gt5F0-1636163144-0-AdxPlmGQ3bwgyjxsFzSvx+acps03JGArR8iKZOpW3hJG32YjOKWti5D7sM+uNjUPTNY9uymqNNMt4QFCOrAVHko=
ktby.net/ Name: HstCfa4165023
Value: 1636163144145
ktby.net/ Name: HstCla4165023
Value: 1636163144145
ktby.net/ Name: HstCmu4165023
Value: 1636163144145
ktby.net/ Name: HstPn4165023
Value: 1
ktby.net/ Name: HstPt4165023
Value: 1
ktby.net/ Name: HstCnv4165023
Value: 1
ktby.net/ Name: HstCns4165023
Value: 1
.ktby.net/ Name: _ga
Value: GA1.2.1245411244.1636163144
.ktby.net/ Name: _gid
Value: GA1.2.1419895411.1636163144
.ktby.net/ Name: _gat
Value: 1
.ktby.net/ Name: __gads
Value: ID=4fdfdae9d6f16590-22830df52dcb00b5:T=1636163144:RT=1636163144:S=ALNI_MYQ4AKrkB_V5z90OWOLl-4HM8x04Q
.doubleclick.net/ Name: IDE
Value: AHWqTUkkfS8coRxWRN9mdOOPGvQXs1kS3KKWfax1ivQ3qjAf1tCrOxS914d9jKJGq2w
.doubleclick.net/ Name: DSID
Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ktbby.com
cdn.ktbby.net
cdn.onesignal.com
fonts.googleapis.com
googleads.g.doubleclick.net
ktby.net
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
static.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.130
192.99.0.58
2606:4700:3030::ac43:d70c
2606:4700:3032::6815:da
2606:4700:3036::ac43:c8ee
2606:4700::6812:e134
2a00:1450:4001:802::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
46.105.201.240
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
038952f25fb0caef40129d96220518a7e40776f93ef5c59072a83be476e5e228
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
09bdd641b03e2501936f11ce3c00d53393a5f0de06fbbfad1f9ea27c28f959ad
09f21669cd2bf674c4993842c1905167ecda4f4c8206c6b981d0b2579088914e
09fad264da00c4af96ab5cf2be12a8954916da71a652db497102385c2e4acaf0
0d6eb41a82ca992c4017d011d4994fefad35f81c506075c2254c6026362abb49
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1913146e6ed3d20df58607acb609cd07c0d58c0cd1f8a6be449cd47bfb89748e
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
206de59f1f591b65bece8861feab3bad88bc05d148da8376aae5c77669b1f521
2c837dd4644fcc5c00e0446093d3b0e270839e45e360fb37c8b35a906b169066
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
44c4dadb22fb073f7a1a8a75d01bf385c40261b0036b7940948bacc606877719
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
537867d50a5b6843315955688a042b030e1cca316c2ad526a04c740060b8aa4b
5a5b1ec701b85769c9e77779a41c2ca80ff8d5d4024a9627f19dce831fffad8b
5aac0e3458996426a1281c4bc65a598a856a4c039264e5d3a56f4a4dad9915de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5df9b825a5f55f84cb2478330243ba59ac9410759293dabc837d5ce82246cdc6
67e23d8d3769f6e3ffaf38745858509883973ae5b45f44910a62efe70ff20010
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6ad71139814e3ac0ce09dc8d8e9f41fc87d1ede31a0d57404314652d80234441
6d5d5639b82f5074dff77948bdae5dfd171e36f0e0fdadb9dbbdf270a87697bb
6f819cc09a49486b4aaf3139951e60601106f0909ab6a0bacad1f7af5d504a07
74bf829a6f70c8864e09837efb8ce29fa5b0c2379179f6389cead1e02ecc2fbc
77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8
7800b21c71f175e9a4ceaa8fcf2fbcb006838dc3d20209f1e6901f85fcaf17b5
7ee7ef6a0cb12e4e66fab382233a7c0514837acc2ef7b387b58224fbad34c565
83353cdb1a30087b5edc96a999fffdc469c94b3eef9507ea8aaee4b95ef4ed66
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8adfa56977d1aac71ff78f5be90d8dfa9b81e4c1e20a27523136b95476c3db22
8eb46df5697de9fd0ce0abe32b5e8ab623b5ce28fefbefec48c4f40a30de81a1
8f1fdb5289629e31a5bb9b8b21087651dbb98d0222908726bdccc1635e096e77
916c5d83b84e05c9c52c4a6734c65d90d957ce9aca15f36874169d55a81ea6a1
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
9fb37bd6725445cf2cdf1333ddde9feba241ad40efc43d18d5ccb7be92577a9e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6541fd16277e1cf9e5717386806cdb46b5deb8e306a7bf8225fb3c1309c0658
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b52d5b543fe6656602132f50b561f45b4ea2947d71af6e98d0cd03decfebe10c
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
bc91cf686ebb7af97aeb6082d4f3f662d4219f891e0b537e647dbf18e94ffdba
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be4ef236f66f31408041ce41f2aabdb0330b0c2753cb780f83dde302bc4dfbec
befacc9e7e968a1a8e8923804ffe6e2ff22aa0e2b94e78c71d1426ad1577ecb5
c3a8f84d27aa7856c0337afc0fb7c761278fddbad28a32089066c9ee6ee731bf
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
d1936af52bc4c8c593000d5ed26e28d10bd5fd13e0e487c8c136f8fa7435bbe5
da0fb6564d80588b19e1e16d735a49ad2a497754e89185116a7f86ecd57bdafb
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ac3aa652d2fd5feead11757dbe955909ada1235c97125edc98831f57b4f2c3
f241138584bca7e6bee454486f68d978f485833f4a4491cb3c5cede5c84dc55f
f363a484295a87ddcc868c353257c71422f512ccb42866f5b3479f46c8a19aa8
f98081076194f6885070d6ff9f5b86eb631716f88436a9e787850e6bb110acad
fb7cfc875533a3144c3e08ccead100b45db955afbc62954be6a1e3315e8b7b72
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fee95137f0d28fca6d0c570ad0cf5b40025573dc0a1705d64f23e61c2dbb7049
ffb93e6537ef4200462b83b5e433f12ef6215c8baf206423e2c9a4c7e5e15f7e