www.4tracking.net Open in urlscan Pro
2606:4700:3033::6815:275  Malicious Activity! Public Scan

Submitted URL: http://4tracking.net/
Effective URL: https://www.4tracking.net/
Submission: On May 05 via manual from IL — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 75 HTTP transactions. The main IP is 2606:4700:3033::6815:275, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.4tracking.net.
TLS certificate: Issued by GTS CA 1P5 on April 12th 2023. Valid for: 3 months.
This is the only time www.4tracking.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

Apex Domain
Subdomains
Transfer
35 cloudfront.net
dmws6zo5g7pcv.cloudfront.net
377 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
236 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9100
3 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
39 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2587
21 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3863
74 KB
3 4tracking.net
4tracking.net
www.4tracking.net
23 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
43 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
123 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
49 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 9108
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 945
606 B
75 14
Domain Requested by
35 dmws6zo5g7pcv.cloudfront.net www.4tracking.net
dmws6zo5g7pcv.cloudfront.net
8 pagead2.googlesyndication.com dmws6zo5g7pcv.cloudfront.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
7 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 mc.yandex.com 3 redirects www.4tracking.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 mc.yandex.ru 2 redirects www.4tracking.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.4tracking.net
www.googletagmanager.com
2 4tracking.net 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.4tracking.net
75 19

This site contains links to these domains. Also see Links.

Domain
fb.com
Subject Issuer Validity Valid
*.4tracking.net
GTS CA 1P5
2023-04-12 -
2023-07-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-03-17 -
2023-08-27
5 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google.de
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.4tracking.net/
Frame ID: 7D77EBC7C0078708E2D03108B50A6F20
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Frame ID: 19CD7591D22FC6C8F3C8F5F7E44D07E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Frame ID: 18C837930F26CE64C934A44FAEC10B34
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&adk=1812271804&adf=3025194257&lmt=1683228166&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.4tracking.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008574&bpp=2&bdt=1258&idt=271&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=1046783675331&frm=20&pv=1&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=292
Frame ID: 87B6F38A764CCAA601EE46ECCD5574EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC19937604892676525514C115D71293
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A15C083190C0522997E8554F3432E084
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E0BD145B30E8C45D4C4275B6326146BB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: 449DD4FB0F5BD832E3AB2F410C8AA506
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

International package tracking - Track and trace parcels | 4Tracking

Page URL History Show full URLs

  1. http://4tracking.net/ HTTP 301
    https://4tracking.net/ HTTP 301
    https://www.4tracking.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

75
Requests

96 %
HTTPS

100 %
IPv6

14
Domains

19
Subdomains

17
IPs

3
Countries

989 kB
Transfer

2513 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://4tracking.net/ HTTP 301
    https://4tracking.net/ HTTP 301
    https://www.4tracking.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9992.kPB0HLaHtHQb4n29pQNuQ34bRhaKA4jKZQO9bWqgM0Ond-y1TnHsMqdk6NetAMfp.RGc7dUgnpiwcuHq0ju4GJSlMTao%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9992.7gX2VlNmTM44DNP1M_owHKUc47vxnRUeKFX2MfQSEIMJvEFPHDkfitgHWFYQIJ6VfWV3JdO41PVt8gPaSpvPHDrDqaHqkgK1npHfU2il4XM%2C.cZFCHe1mxxmRNYQA_cemxhDAd3A%2C
Request Chain 14
  • https://mc.yandex.com/watch/73220287?wmode=7&page-url=https%3A%2F%2Fwww.4tracking.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A438%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A213236323342%3Ahid%3A685912473%3Az%3A0%3Ai%3A20230505082327%3Aet%3A1683275008%3Ac%3A1%3Arn%3A635615242%3Arqn%3A1%3Au%3A1683275008685913442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C33%2C4%2C308%2C0%2C%2C22%2C0%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1683275006963%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683275008%3At%3AInternational%20package%20tracking%20-%20Track%20and%20trace%20parcels%20%7C%204Tracking&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/73220287/1?wmode=7&page-url=https%3A%2F%2Fwww.4tracking.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A438%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A213236323342%3Ahid%3A685912473%3Az%3A0%3Ai%3A20230505082327%3Aet%3A1683275008%3Ac%3A1%3Arn%3A635615242%3Arqn%3A1%3Au%3A1683275008685913442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C33%2C4%2C308%2C0%2C%2C22%2C0%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1683275006963%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683275008%3At%3AInternational%20package%20tracking%20-%20Track%20and%20trace%20parcels%20%7C%204Tracking&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 25
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9992.1UG2sZDwGz0bZvCb_Nc7VLthqJzOPlEIWEU8X-tgQTpB8QmX8Qo31f-ZTtEK2OyI.1R5DAtwJ2GLFxRyX82NNiIwSl8g%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.vWFcPCiGNe60IbNAREQvdUk7uYEtrGlZ7m-Yfu4OAtywcIAfTniz5sPIc1wVdQ7r9RSjCp25lWurtAShnmFzj8i2F3xNLZWYJD3CzAul24g%2C.wgA_WaztCopJgBr48d0SjysD6bo%2C
Request Chain 74
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

75 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.4tracking.net/
Redirect Chain
  • http://4tracking.net/
  • https://4tracking.net/
  • https://www.4tracking.net/
90 KB
22 KB
Document
General
Full URL
https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:275 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41bf711499a80a6fe2535f793bbe6d41d8d8e747cfd7eb1b2cfa6b5e39d0427

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46579
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=120
cf-cache-status
HIT
cf-ray
7c2794db8db83653-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 05 May 2023 08:23:27 GMT
last-modified
Thu, 04 May 2023 19:22:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7X6UN3UzI154roYR9oZQdp8cb0Sw4%2FSlBiKyKtHgfGLweC1Rr9Q8JgyPQchvlQZDlc6Tbu2oiNOeJVtpuUfUI8Lfkrubzaz6TcvwevD%2BBj7gpaPr2aus4qL0WtW1%2FE7UDy0Uks1K9%2B%2B20obYEVG6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c2794dafd343653-FRA
content-type
text/html
date
Fri, 05 May 2023 08:23:27 GMT
location
https://www.4tracking.net/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5I03Isr%2Fa6K7IVNGhtw9Rnx1IW5QTn7YAIacPzoz8jeSRwjGHV%2BGQxi6K9FkAL4Dod9Cr1AciY9q9%2BgdTXT8iELxbareJPM2ZBtyT0qHXhr%2F91hmKcZD70s6xZz4QbRVopGcpnQS9pfK3Fs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/
118 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-166841275-1
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cad0665838239c3131cb1c2c167e98a2da46b4d2074e88df81ba5ba9a5f20071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
46791
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 May 2023 08:23:27 GMT
tag.js
mc.yandex.ru/metrika/
213 KB
73 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5aeff5501617f2cb02daf2cca4a6dbe95f4b6ba4460f0a2a4d0ed2a131d7214d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 04 May 2023 17:11:32 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6453bd14-122bc"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
74428
expires
Fri, 05 May 2023 09:23:27 GMT
truncated
/
46 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d9b4b794affc5daf4eafa12e0c6294ab31aaeed330886145676bd6b832e8b98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dd15667324ece0bfda84551cea4bb1d8b2acc06ffb06382e0e1cac83fed6c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
js
www.googletagmanager.com/gtag/
218 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4LD9851YLQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166841275-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37bf03c73c9cb5dd26189cdf94b1eea28e91956ddadeca9e6f6dbdd630d44699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78996
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 May 2023 08:23:27 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166841275-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 May 2023 07:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4703
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 05 May 2023 09:05:04 GMT
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4LD9851YLQ&gtm=45je3530&_p=1420682137&cid=962754724.1683275008&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683275007&sct=1&seg=0&dl=https%3A%2F%2Fwww.4tracking.net%2F&dt=International%20package%20tracking%20-%20Track%20and%20trace%20parcels%20%7C%204Tracking&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4LD9851YLQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 08:23:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.4tracking.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1420682137&t=pageview&_s=1&dl=https%3A%2F%2Fwww.4tracking.net%2F&ul=en-us&de=UTF-8&dt=International%20package%20tracking%20-%20Track%20and%20trace%20parcels%20%7C%204Tracking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=396539118&gjid=273691492&cid=962754724.1683275008&tid=UA-166841275-1&_gid=998473871.1683275008&_r=1&gtm=457e3530&jsscut=1&z=2077216139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.4tracking.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 May 2023 08:23:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.4tracking.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9992.kPB0HLaHtHQb4n29pQNuQ34bRhaKA4jKZQO9bWqgM0Ond-y1TnHsMqdk6NetAMfp.RGc7dUgnpiwcuHq0ju4GJSlMTao%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9992.7gX2VlNmTM44DNP1M_owHKUc47vxnRUeKFX2MfQSEIMJvEFPHDkfitgHWFYQIJ6VfWV3JdO41PVt8gPaSpvPHDrDqaHqkgK1npHfU2il4XM%2C.cZFCHe1mxxmRNYQA_cemxhDAd3A%2C
43 B
91 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9992.7gX2VlNmTM44DNP1M_owHKUc47vxnRUeKFX2MfQSEIMJvEFPHDkfitgHWFYQIJ6VfWV3JdO41PVt8gPaSpvPHDrDqaHqkgK1npHfU2il4XM%2C.cZFCHe1mxxmRNYQA_cemxhDAd3A%2C
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:28 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9992.7gX2VlNmTM44DNP1M_owHKUc47vxnRUeKFX2MfQSEIMJvEFPHDkfitgHWFYQIJ6VfWV3JdO41PVt8gPaSpvPHDrDqaHqkgK1npHfU2il4XM%2C.cZFCHe1mxxmRNYQA_cemxhDAd3A%2C
date
Fri, 05 May 2023 08:23:27 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
113 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:27 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 04 May 2023 17:11:32 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6453bd14-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 05 May 2023 09:23:27 GMT
line-awesome.css
dmws6zo5g7pcv.cloudfront.net/lib/css/
87 KB
16 KB
Stylesheet
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/css/line-awesome.css?v=a179e9ebb9
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dd17dd7ad7f943d8e6ca96d71aac8c51c849972a7d513f44b4610df0628e879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 12:43:52 GMT
content-encoding
gzip
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-version-id
CmIslYKG0gU.0cZqONPstNgkpVZW.8FX
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
17177977
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:27 GMT
server
AmazonS3
etag
W/"944f77ddc05009d022361da53ba6bc26"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000
x-amz-cf-id
jwui3jjpKjtQniQwFs_zP3xL2jWI27uZkulXRM_7wgGVO3fFGbIZcQ==
roboto.css
dmws6zo5g7pcv.cloudfront.net/lib/css/
376 B
937 B
Stylesheet
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/css/roboto.css?v=a179e9ebb9
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0db09a391baac16aac73981e79e3e633568e827ea1ccf14df6418c6c06f0424f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 00:52:28 GMT
x-amz-version-id
MbssNPlK8f_rVLu21zhn3XaUNJiyago5
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
2014261
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
376
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:27 GMT
server
AmazonS3
etag
"264d65e87cc5c8abc02c8f1928cc14e1"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
b2RgkIVjKxZKI7ybIp7YD89jnsApKdknG406mo6jfvNi5sxfrcbUeg==
core.js
dmws6zo5g7pcv.cloudfront.net/lib/js/
126 KB
44 KB
Script
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/js/core.js?v=a179e9ebb9
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d108caa0362a6f440847dd0e29015022d163d44e662ca14d1725eaf4f9dbb54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.4tracking.net/
Origin
https://www.4tracking.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 00:54:13 GMT
x-amz-version-id
Dcx.WX94CjQC3ixn5cI.OWMzDGVD6E5r
content-encoding
br
x-content-type-options
nosniff
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
804556
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Apr 2023 00:49:10 GMT
server
AmazonS3
etag
W/"201ff16cda8858ed252ea243cf619e6a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
x-amz-cf-id
_p1bLeQqq0SzQxOGt3R-G9FPW1H7RCSTgQdGplwJfJFQi3mWoKgcWA==
cm.js
dmws6zo5g7pcv.cloudfront.net/lib/js/
171 KB
57 KB
Script
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/js/cm.js?v=a179e9ebb9
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c92bba1d7ac0690363e7de5af3343e1f9048da7cd5402371a8be3eadfe751551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.4tracking.net/
Origin
https://www.4tracking.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 10:26:27 GMT
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-version-id
q_G5cjm58KddgouFIgGer144zBXnGdLY
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
12347822
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:36 GMT
server
AmazonS3
etag
W/"660dfa078761c61168ee2905b647e316"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
x-amz-cf-id
RDHJTQ2gWniEe-i2Ey7Ns4ylT1LeDkHWCjGwFBJotdHvrYwY730xLw==
1
mc.yandex.com/watch/73220287/
Redirect Chain
  • https://mc.yandex.com/watch/73220287?wmode=7&page-url=https%3A%2F%2Fwww.4tracking.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A438%3Afu%3A0%3Aen%3Aut...
  • https://mc.yandex.com/watch/73220287/1?wmode=7&page-url=https%3A%2F%2Fwww.4tracking.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A438%3Afu%3A0%3Aen%3A...
428 B
511 B
XHR
General
Full URL
https://mc.yandex.com/watch/73220287/1?wmode=7&page-url=https%3A%2F%2Fwww.4tracking.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A438%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A213236323342%3Ahid%3A685912473%3Az%3A0%3Ai%3A20230505082327%3Aet%3A1683275008%3Ac%3A1%3Arn%3A635615242%3Arqn%3A1%3Au%3A1683275008685913442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C33%2C4%2C308%2C0%2C%2C22%2C0%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1683275006963%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683275008%3At%3AInternational%20package%20tracking%20-%20Track%20and%20trace%20parcels%20%7C%204Tracking&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
3f9f546baec3fbb93af4453a98590a8e24bdc74fad166220c44aa051e4cf9dbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 08:23:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 05-May-2023 08:23:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.4tracking.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Fri, 05-May-2023 08:23:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 May 2023 08:23:28 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 05-May-2023 08:23:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/73220287/1?wmode=7&page-url=https%3A%2F%2Fwww.4tracking.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A438%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A213236323342%3Ahid%3A685912473%3Az%3A0%3Ai%3A20230505082327%3Aet%3A1683275008%3Ac%3A1%3Arn%3A635615242%3Arqn%3A1%3Au%3A1683275008685913442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C33%2C4%2C308%2C0%2C%2C22%2C0%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1683275006963%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683275008%3At%3AInternational%20package%20tracking%20-%20Track%20and%20trace%20parcels%20%7C%204Tracking&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://www.4tracking.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 05-May-2023 08:23:28 GMT
roboto.css
dmws6zo5g7pcv.cloudfront.net/lib/css/
376 B
937 B
Stylesheet
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/css/roboto.css?v=a179e9ebb9
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0db09a391baac16aac73981e79e3e633568e827ea1ccf14df6418c6c06f0424f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 00:52:28 GMT
x-amz-version-id
MbssNPlK8f_rVLu21zhn3XaUNJiyago5
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
2014261
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
376
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:27 GMT
server
AmazonS3
etag
"264d65e87cc5c8abc02c8f1928cc14e1"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qd-Cg9qqip82b82lZpFcDiJydGNl1M7i2Gayv2R4mtbkTsxGf6YrYw==
line-awesome.css
dmws6zo5g7pcv.cloudfront.net/lib/css/
87 KB
16 KB
Stylesheet
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/css/line-awesome.css?v=a179e9ebb9
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dd17dd7ad7f943d8e6ca96d71aac8c51c849972a7d513f44b4610df0628e879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 12:43:52 GMT
content-encoding
gzip
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-version-id
CmIslYKG0gU.0cZqONPstNgkpVZW.8FX
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
17177977
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:27 GMT
server
AmazonS3
etag
W/"944f77ddc05009d022361da53ba6bc26"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000
x-amz-cf-id
HT7Rtb2o3BX-Aj0YEuYomfTFW8bwkHQ5Z-R7_6qK9l7pG3DwH0HNLA==
world2.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/
29 KB
12 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/world2.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6730a05e9d8fe70d4ee3f56ef8124382f7d61d4eed429257f9401814cfbcd42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 May 2022 10:41:39 GMT
x-content-type-options
nosniff
x-amz-version-id
kUZG5PJQAVRgpLIBNIgkh.v3KXgCdOo_
content-encoding
gzip
x-amz-cf-pop
FRA56-P5
age
29886110
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:36 GMT
server
AmazonS3
etag
W/"099a7b6aa760b2315b5be7e0943fcf45"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
f4MA820TbU5LEs5bosugWlBlv09mPTPHf0atc_00UIIZ0Ger2wiedA==
dhl-express.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
1 KB
965 B
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/dhl-express.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
386a0486e50aeb2e12ea21fcb15c785b93d83fa2739e425d834a389038578eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 09:41:57 GMT
x-content-type-options
nosniff
x-amz-version-id
sAzyqVMpy2sROBr5fBRMmkfDu.QR_3FU
content-encoding
gzip
x-amz-cf-pop
FRA56-P5
age
30062492
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:29 GMT
server
AmazonS3
etag
W/"f49e5233e1eb7e11a8a109b3e9a33865"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
AW0zHu-TrfZA1ZMHXOGxbt9FuqVE9LbIKprqXW7B7qB46i1963m3zA==
usps.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
1 KB
1 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/usps.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
424608008607b39674e00bca2428b48325f526d231ed04887c653decdd5ab445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 06:06:30 GMT
x-content-type-options
nosniff
x-amz-version-id
56ZL8L2Dwo7I0ceUdkIp1Ka7.AJ6ka6d
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30075419
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:32 GMT
server
AmazonS3
etag
W/"6da9d824cdb6a915510ad362f87bdc0a"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
7JYf4vWzIvdewjMiP2bqajzEzv4IIdMvA6sH7gC-Bf2zVyRGakat7g==
ups.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
4 KB
2 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/ups.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb97badeb08d7f30d333fd8bd238a615e1e40165d76f9f34d4ed3a0050e3c588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 15:38:54 GMT
x-content-type-options
nosniff
x-amz-version-id
X0YjyiHwnjAaNezkH1Qo1SJne07Qa6L1
content-encoding
gzip
x-amz-cf-pop
FRA56-P5
age
30041075
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:32 GMT
server
AmazonS3
etag
W/"1146d63ecc27e5e77a8de1fb9c6e36bf"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
VeVW--kOtsku1VPTQ4g_Ym7DmTRthWVA6el9Orhis4zASKS5KoaxCA==
deutsche-post.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
732 B
1 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/deutsche-post.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f0668649977e9ecf834f8d2632be25ca35d3edac697774ec1a51640d9b3c996
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:36:46 GMT
x-amz-version-id
N_i5E1ZVSvSgRZh7X5I._DFqWPdcw2H5
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
17606803
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
732
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:29 GMT
server
AmazonS3
etag
"3ac46162544c76df4d66ae6c1788e305"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
sIIFjZuUgG6b87fXS47ptHKgnEjSrGw_o93h0ObMrUkQUDS_hVSmQQ==
china-post.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
1 KB
1019 B
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/china-post.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c839e6966a8fc1a5efa387397e910918ae859d980e42b0763a17b7a8c0b005f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 May 2022 03:39:21 GMT
x-content-type-options
nosniff
x-amz-version-id
m8KcUFP8R8oY4t4ldZ1KyFb2lA014Fae
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
29997848
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:29 GMT
server
AmazonS3
etag
W/"3ca16446631671223c0a06dea7114ab3"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
kn7w8fLZSxEEQT4fCRNFHZiR5bb4HvYPlp4TwRiaA1gBq9QbbapvRQ==
line-awesome.css
dmws6zo5g7pcv.cloudfront.net/lib/css/
87 KB
16 KB
Stylesheet
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/css/line-awesome.css?v=a179e9ebb9
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dd17dd7ad7f943d8e6ca96d71aac8c51c849972a7d513f44b4610df0628e879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Oct 2022 12:43:52 GMT
x-content-type-options
nosniff
x-amz-version-id
CmIslYKG0gU.0cZqONPstNgkpVZW.8FX
content-encoding
gzip
x-amz-cf-pop
FRA56-P5
age
17177977
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:27 GMT
server
AmazonS3
etag
W/"944f77ddc05009d022361da53ba6bc26"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000
x-amz-cf-id
enndLDf4P4rGM6PsFQkpTz6EsGmNlAjmobVCd3FRFbO3yRMJo3_3Bw==
roboto.css
dmws6zo5g7pcv.cloudfront.net/lib/css/
376 B
752 B
Stylesheet
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/css/roboto.css?v=a179e9ebb9
Requested by
Host: www.4tracking.net
URL: https://www.4tracking.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0db09a391baac16aac73981e79e3e633568e827ea1ccf14df6418c6c06f0424f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 00:52:28 GMT
x-amz-version-id
MbssNPlK8f_rVLu21zhn3XaUNJiyago5
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
2014261
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
376
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:27 GMT
server
AmazonS3
etag
"264d65e87cc5c8abc02c8f1928cc14e1"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
VOKUNcvc8IfLHeHw_eH9j9A36YRlobyAyLEIUNES0ZfC0vASNVPN8A==
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9992.1UG2sZDwGz0bZvCb_Nc7VLthqJzOPlEIWEU8X-tgQTpB8QmX8Qo31f-ZTtEK2OyI.1R5DAtwJ2GLFxRyX82NNiIwSl8g%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.vWFcPCiGNe60IbNAREQvdUk7uYEtrGlZ7m-Yfu4OAtywcIAfTniz5sPIc1wVdQ7r9RSjCp25lWurtAShnmFzj8i2F3xNLZWYJD3CzAul24g%2C.wgA_WaztCopJgBr48d...
43 B
91 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.vWFcPCiGNe60IbNAREQvdUk7uYEtrGlZ7m-Yfu4OAtywcIAfTniz5sPIc1wVdQ7r9RSjCp25lWurtAShnmFzj8i2F3xNLZWYJD3CzAul24g%2C.wgA_WaztCopJgBr48d0SjysD6bo%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:28 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.vWFcPCiGNe60IbNAREQvdUk7uYEtrGlZ7m-Yfu4OAtywcIAfTniz5sPIc1wVdQ7r9RSjCp25lWurtAShnmFzj8i2F3xNLZWYJD3CzAul24g%2C.wgA_WaztCopJgBr48d0SjysD6bo%2C
date
Fri, 05 May 2023 08:23:28 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dmws6zo5g7pcv.cloudfront.net
URL: https://dmws6zo5g7pcv.cloudfront.net/lib/js/core.js?v=a179e9ebb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
858210ab243d1ab89ceb89864d3f07ef3d3fd2946a65842a6e6b62fc5166c955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47548
x-xss-protection
0
server
cafe
etag
5151798350049206809
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 May 2023 08:23:28 GMT
la-brands-400.woff2
dmws6zo5g7pcv.cloudfront.net/lib/fonts/
83 KB
83 KB
Font
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/fonts/la-brands-400.woff2
Requested by
Host: dmws6zo5g7pcv.cloudfront.net
URL: https://dmws6zo5g7pcv.cloudfront.net/lib/css/line-awesome.css?v=a179e9ebb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff70c9bc4650cf5e6b12d1feaa7af29ebf0681993fc0c5ffe3658cea0dbd5403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dmws6zo5g7pcv.cloudfront.net/lib/css/line-awesome.css?v=a179e9ebb9
Origin
https://www.4tracking.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 23 May 2022 03:20:16 GMT
x-amz-version-id
YNOYBEoA2TEC40GSyALAKGuD_JjmjCq9
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
29998993
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
84772
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:28 GMT
server
AmazonS3
etag
"54b0b4e7de85711c3796882b2b19eb00"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
P-LnTlk7N493cVjkvxK9t7GQfzAwSvGvCF9L0a5gcTMwahe3ZthGCg==
la-solid-900.woff2
dmws6zo5g7pcv.cloudfront.net/lib/fonts/
94 KB
95 KB
Font
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/fonts/la-solid-900.woff2
Requested by
Host: dmws6zo5g7pcv.cloudfront.net
URL: https://dmws6zo5g7pcv.cloudfront.net/lib/css/line-awesome.css?v=a179e9ebb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dmws6zo5g7pcv.cloudfront.net/lib/css/line-awesome.css?v=a179e9ebb9
Origin
https://www.4tracking.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 23 May 2022 03:20:16 GMT
x-amz-version-id
DfMNxR_lCZLxqWbma9KrUYpRKichJLB.
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
29998993
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
96752
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:28 GMT
server
AmazonS3
etag
"36fc297902c9a2e857858baa6ac25f2c"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
s--5s6RDPogpZY8ItaW-Ulkcte8eVm5p3yMPhjYxrDeQWRdrkypKjQ==
singapore-post.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
7 KB
3 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/singapore-post.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d784d7f7f94e5a9339af2407aee24dc7f831c2bcf9a466873ad3bd264975a80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 06:06:30 GMT
x-content-type-options
nosniff
x-amz-version-id
bjSxXQV02bpUcJRbGJSEWH90cg_ldjXi
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30075419
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:32 GMT
server
AmazonS3
etag
W/"e33a3dda3ded495d0652ca944057ae49"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
EnMhpIz0zWzA877p7fEngOtg2hJ6b0rksUlhwcSy0H0kkbOF4ypvaQ==
tnt.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
1 KB
995 B
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/tnt.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
586c099a757627b53f44ceb074ded074aad6b7f5be072baa2e49629f0c552d22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 May 2022 04:05:06 GMT
x-content-type-options
nosniff
x-amz-version-id
NugW1G2n3bEP3y7chWMtMvtkINYuXWgw
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
29996303
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:32 GMT
server
AmazonS3
etag
W/"1ca1b6150bd654c896f1402b3543a9a5"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
kn6eXYRvNblBauKzTGpbKgsDWXfMe20hzdxC-ftYNgUzE1CADRYskA==
brazil-correios.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
3 KB
2 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/brazil-correios.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
804c3aa6184b3009516c9330c448306ce0a8861d7deb244ff5881aff79cebe3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 22:30:11 GMT
x-content-type-options
nosniff
x-amz-version-id
V5Bpb2SedONVrUQGxmsStXuerTxAQBJf
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30016398
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:29 GMT
server
AmazonS3
etag
W/"9ae385cec13f12aa3316d7a9eec5f02b"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
yalKmx6CVGIcaLS-FOSHsPXVeX2hfhprxukxfA_ezbxVYyVahYCLAA==
royal-mail.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
4 KB
2 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/royal-mail.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
291dd884f4e40a1a76f756adf2da11bcd369a054573da7f455e533e306f9c471
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 09:37:57 GMT
x-content-type-options
nosniff
x-amz-version-id
AlLJMqxFTxRtp1IqICtCqPCGsWDK.ThI
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30062732
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:31 GMT
server
AmazonS3
etag
W/"3e82294077172dbd609a0b461776bbf1"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
uYVpGxVruEZSInTwFVt4DbSPuQgIVx4PJiT7iXWZHjAtfnuY0QuOxA==
canada-post.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
512 B
903 B
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/canada-post.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3208f29d81ac1b864d1e2b65dca1a1b19443de4b29f0f4a91882e64ed5294e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 23 May 2022 05:33:54 GMT
x-amz-version-id
2RjPWSoiFoSG2vedglvExVgG5IvDZ4fH
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
29990975
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
512
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:29 GMT
server
AmazonS3
etag
"20831a297bd547dda8f934ceb61ba668"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
PxTKunWcuG3hotDrWxxhiDuUhNUhHCqplNRCIdDMJwvrTVxKe7M38A==
russian-post.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
4 KB
2 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/russian-post.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc5ceb62932646b61fc1724ae1280fca194feeaf470f89de876056531ecf9150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 15:38:54 GMT
x-content-type-options
nosniff
x-amz-version-id
dMRfYvz53pe3PVXg1lGPhuIydr5fnSED
content-encoding
gzip
x-amz-cf-pop
FRA56-P5
age
30041075
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:31 GMT
server
AmazonS3
etag
W/"ff9ba704c3a181723cf84ce50124e574"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
sbOLaUx1GFQ97XnoJsOiReD95iyBtuPjvnS0Qnc47tx2EcsIMMRZjA==
morocco-post.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
9 KB
4 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/morocco-post.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6bbcca6a56e95bfdac0eaedc26c740c6e999a8d823acb4eda3b52500e3538af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 06:06:31 GMT
x-content-type-options
nosniff
x-amz-version-id
1YkXO2JyekMotSsUWMA.bHOJh7JZ94WG
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30075418
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:31 GMT
server
AmazonS3
etag
W/"1c45f7448dec816710793af52be50861"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
wWH_fJMvbkKcL_WzQC88REgRl7FrdHohfEvKNRwAneI0TPet-8xP_w==
amana.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
3 KB
2 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/amana.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ba4822e338fdd56532a0ee740aebb6415f5853f5f55425c584bbfa20232bd57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 May 2022 03:39:21 GMT
x-content-type-options
nosniff
x-amz-version-id
HYNvA5Aq21Ph5JbDUfLpHdumLtb22Cxm
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
29997848
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:28 GMT
server
AmazonS3
etag
W/"5f69f98ded8f11021bdcb28a20ce2d21"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
cAamyqtaH2bJnKP7BvCml50fDNAhb5aQ3WuEpVcLxEgNilz5cauq7g==
4px.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
570 B
960 B
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/4px.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bede90624851ed107c8c9c95eac1abc5d99a065129b6cadeaa0a12137011eed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 18:58:34 GMT
x-amz-version-id
DbUvxDVDVjCHtgY8CzT18LAEXvFxsNmp
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
17933095
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
570
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:28 GMT
server
AmazonS3
etag
"b2b8ef31bcdf8b62e3e411e9e85a21ca"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZiL0_8_7oSMZenhQdd7kfrMFnW8iiXjM3Gac2zPjzYeOb3_SIeCmcg==
china-ems.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
2 KB
1 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/china-ems.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bde129d054b39c1c28483ca6bb88e16742f4d6b3d2cedaf7fb2af5f201471fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 05:38:31 GMT
x-content-type-options
nosniff
x-amz-version-id
D3wMKrU7IKLBCpDxKfbDp_R8Td94zTgt
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30077098
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:29 GMT
server
AmazonS3
etag
W/"0fa23d62670e3ea4ccb3ebb7f935cad2"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
QbORFzYCmLQs4p0yYujixZDCLwHPiPv2j1TA5tAOQdXza7wGo_Q5mA==
fedex.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
1 KB
973 B
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/fedex.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28df7da4aa712323b65cbceabded81777805223bedd32f6ac5f7a5c31365fb25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 22:30:11 GMT
x-content-type-options
nosniff
x-amz-version-id
qbw6U8n7YpkFB_7Wz63OK_hV1aOT0Lg3
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30016398
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:30 GMT
server
AmazonS3
etag
W/"225088b9eccf95bea50d8be424669e60"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
ZatMUPduTrgn5IS5v9xvssrSHDuhFznykvjpgO9A9Zhv7Z782bJThg==
yanwen.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
795 B
1 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/yanwen.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68c24818c6f6154da2512ad8c5e7a65e807515b77bd20181bb7b1fa9dce174dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 22:34:53 GMT
x-amz-version-id
Ied.wssjZBMtxm_tvyFb62_AMOwZTYar
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
8675316
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
795
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:33 GMT
server
AmazonS3
etag
"672b0f87e445635d81cd83c5fcddcefe"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
eTI1soSrbRnzGwAS2KkyTZl7ie7cW0yhKfiEPX86p0D3cIQbodjQ8Q==
sypost.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
3 KB
2 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/sypost.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d6e5d1bbd1eb1dccde29043833a9e31bfc6b3d62c096f681e81cf0e4976675d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 06:06:31 GMT
x-content-type-options
nosniff
x-amz-version-id
WchNc80u2U0JFRcxVMcAQslqCyFoPw8u
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30075418
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:32 GMT
server
AmazonS3
etag
W/"9995c3318e02d1153fb4cf624c98f6bd"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
H3dUR8vJlqLD8rDrQWg-BPXsyeklYLOGqcqVkK51KCqZs5ff5jMLBg==
malaysia-post.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
2 KB
1 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/malaysia-post.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c560777099eaee85b8b70876660aaec906d2c34b3d95a7be54835c7578202b68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 06:06:31 GMT
x-content-type-options
nosniff
x-amz-version-id
AyoIpOJT3Dmb_mhHann.OuBTMaYFkzUd
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30075418
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:31 GMT
server
AmazonS3
etag
W/"d39d106bf46bd73c7faaa49b0bd53e74"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
B4mLCKHpPnMQ89CnOeydn8lLlFOH9wtexG-n2MijW4DvX4PeGD8VhQ==
dhl-ecommerce.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
1 KB
1 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/dhl-ecommerce.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
650d4cf8d49a2d6ea2225fed9729a014cee737704311c8ac56ca613261495668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 09:29:34 GMT
x-content-type-options
nosniff
x-amz-version-id
27p3mpyIVOj.1_EtXVUDmaQsJ05U7Dmu
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30063235
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:29 GMT
server
AmazonS3
etag
W/"dd65639459b3870fb40af397443d2539"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
bFdM2g02jmht_XNATyy0rdkk1jMKS37bNNU2uINGcCD2zyqN37lbgA==
posten-norge.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
1004 B
803 B
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/posten-norge.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ecc8f7948d19b7bc65ceaec9d6b42b8d1bd8e00ffd0a99359cf298d2912f44f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 06:06:31 GMT
x-content-type-options
nosniff
x-amz-version-id
v6tpqSbEtglD6u3sZOvN9GttZ2dh7Yww
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30075418
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:31 GMT
server
AmazonS3
etag
W/"7147aeb2929fc3f16c2dca6432cd3722"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
gTYHz1kWaXaRU_PVs-hsqAU6ggUk7xxyUe4CJfoNIzj3KBPvuaovig==
hong-kong-post.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
1 KB
885 B
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/hong-kong-post.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6102d04c941d6210d46440fa9b49fd2e9c306044191f4d804235e467dbd128ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 May 2022 05:38:33 GMT
x-content-type-options
nosniff
x-amz-version-id
_6cgYk2M0hNVMu5tCBsh6KVrM1WUwnWI
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
30077096
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:30 GMT
server
AmazonS3
etag
W/"9d1635dcf9e3e72a2d045605d7407a9a"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
HeU60HG9PDMiozSoDUkYKeOprunqSn2krUb5zYBifitHv7DOtcpgjg==
australia-post.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/
503 B
892 B
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/carriers/australia-post.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5b33956a685abfb1f8f3dbeb318600204952fbeda827b252add64721e02d691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 15:33:37 GMT
x-amz-version-id
TEdhvyEa2vqgATMTj5_659ugSDA7M3sJ
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
4380592
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
503
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:29 GMT
server
AmazonS3
etag
"1790179d063fb4f48c37086de40b2b24"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
iebtrlVRnxhues7vmLSXsp4UdH-TcrwZrsLVnt9IFGsGGj7tfxO83A==
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/ Frame 19CD
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.4tracking.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 07:35:58 GMT
etag
15057649708203361565
expires
Fri, 19 May 2023 07:35:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/
355 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5270614258572210&plah=www.4tracking.net&bust=31074375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0acd32e2d4ee35ebc9307debe66ca22971302ebcc2758d6370a5f106feebf04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122341
x-xss-protection
0
server
cafe
etag
15266249925505203313
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 May 2023 08:23:28 GMT
cookie.js
partner.googleadservices.com/gampad/
393 B
606 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.4tracking.net&callback=_gfp_s_&client=ca-pub-5270614258572210
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5270614258572210&plah=www.4tracking.net&bust=31074375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae6ad5e2a9cb266f689ad8463c67f9b7da15432c911f2921ba7f33603fbccc72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.4tracking.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5270614258572210&plah=www.4tracking.net&bust=31074375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.4tracking.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5270614258572210&plah=www.4tracking.net&bust=31074375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 18C8
97 KB
33 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5270614258572210&plah=www.4tracking.net&bust=31074375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dac1ed800c6eac116cc9b4401034d759594c69fe39a7a4bbc8b8a05d19d030c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.4tracking.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
34088
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 08:23:30 GMT
expires
Fri, 05 May 2023 08:23:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230502&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5270614258572210&plah=www.4tracking.net&bust=31074375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69fe2095aa8eb0968f01a97d73aa29888f499ed9727eb4ab41426e5a595567d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11235
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 87B6
0
179 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&adk=1812271804&adf=3025194257&lmt=1683228166&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.4tracking.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008574&bpp=2&bdt=1258&idt=271&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=1046783675331&frm=20&pv=1&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=292
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5270614258572210&plah=www.4tracking.net&bust=31074375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.4tracking.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 08:23:29 GMT
expires
Fri, 05 May 2023 08:23:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5270614258572210&plah=www.4tracking.net&bust=31074375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 05 May 2023 08:23:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC19
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.4tracking.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1487
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 07:58:42 GMT
expires
Sat, 04 May 2024 07:58:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A15C
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
07fcca520be35d667be1609db403289fb0abf3d3ef26afade401d391d9299a4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-20NFqocRcxddggqIBXtYPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.4tracking.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-20NFqocRcxddggqIBXtYPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 08:23:29 GMT
expires
Fri, 05 May 2023 08:23:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
pagead2.googlesyndication.com/bg/ Frame BC19
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
223682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14581
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 May 2024 18:15:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A15C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230502&jk=3569935117281894&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame BC19
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?yBnd_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
man-thinking.svg
dmws6zo5g7pcv.cloudfront.net/lib/img/
2 KB
1 KB
Image
General
Full URL
https://dmws6zo5g7pcv.cloudfront.net/lib/img/man-thinking.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223f:a200:7:39c0:7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ef3f7f2ef974d7690d16e36e4598cfb649eab643d0490257d10271a2d3108ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 May 2022 05:24:11 GMT
x-content-type-options
nosniff
x-amz-version-id
p1ob_iE1tnO40huAjFmMlEOubzAVzadS
content-encoding
br
x-amz-cf-pop
FRA56-P5
age
29991559
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 13 Nov 2021 19:48:36 GMT
server
AmazonS3
etag
W/"5de3bc870858eb6628b829f4ee91c65f"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-id
ywcib7EgUmYCWUs8tVf9pQ1Wzm3qLjAav-IYiK4zHI2844wYOHO3Rw==
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230502&jk=3569935117281894&bg=!n5ylnMjNAAYV_mUANf47ADkAdvg8WocFxpaZ2f8LJV3tPK-Gt33pQ6xEEVMY8Wg3Fv7dV8s-QBBLyaQuHmZXXRXB6EXimD-Q7f0CAAAAW1IAAAADaAEHmQLBuM2ect1n7DLz0y6E3UIDxjSP1PhlUj28f8rGGmMHd5x3k8sGqXgzIx1SbCRGQvS6aKxYeWPtEn_zOK9RgsSrZ7OdjmjiGwrP0DUr_hvKWcSYY-pzB_fh2wwFB8MiUK9wmPTYHN0r6klKKv9tSC6CgD4BCtWjrTG0QROIINvYKqwTaoFR73_DBSKY6mBWGllARvPAtyuYhDN6qww6iegstbFO49ORS1-LAla7u3xhjTTUiLDfmzy-BN9aSk-ysYPmcMAYaHjQDCm7vqc9jVaPjiHtNEBnNC-N57EyK9pPXxOCH4S1V4gCdSC0awoQwX2D8CGA4wClqFf-wfldtEKfM80NJYXVvp-IWDafVTPdCZ3WIrTUMd4T2XFzN6ZXILunhGt2IR4JnEKvtSv-AdB4u5yupIBxe-p22xPGPP8L67_uxCt5s1qfwBrOJ6cAdvYjsRqS65fM3ONqZDrtusMlwM6cOMyZz_E8AA-aO13Ds0g8RK8cYQv_5a9DmIp-IkZmsCRBMbq-ve52pbak-dFon7jJXeFmCq2ZwVGYiXG1ouxZXA8oKrd50BtLmjPTlUH92rVkyo8qwnR6-VJJQP2WnINJ0oFIDrFpFKNtroCxp4lppRmFT8YTJjHas9ANWxWFRNrJWwkVGKGSLK2N_SI2ROkZvWC5tj86RDbMIt6dlbSxbZHw655FxqHKhruA6spJWY0-qNQ7ylHle0u2HIa4GG1eYrIcMw6eP4sJkkyF2u6zqP5HdlR2jWF6s1M7GLb_pEUCB8JCBLs-RiJ4GXR4k0O-fFAvMyFbL27pEfH4ZCGPIkdeHZqQSBHNPWTKx9j5xDCAG2mkhL6Z46kHXKBYBXEIAMTxtSFKmbhf3b2wq9irOJ69aEnqVlO5O_6IRmaNjVA9f_SUOrapxw1mlUqlYXPCG-XQKaMXQkgmPxV2V6wd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.4tracking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

css
fonts.googleapis.com/ Frame 18C8
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 May 2023 08:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 May 2023 08:12:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 May 2023 08:23:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 18C8
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
52003
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 May 2023 17:56:47 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 18C8
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C45KeAL1UZOqENdGgkdUPks-9-AbZ4Nu2cJaiiKmuEbrh6JnLARABIOSulx9glYKAgLQHoAHc36m4AcgBAakCuEm_tTNnsj6oAwHIA8sEqgTEAU_QzVrV77mwXUtYxCTc7-xh9xNOlD3Nbr2zWc8IzM9mRr6zaUiaWkQ9B-MLSvTuXmqfQzYKJVz-Hp2dFjuovFvI6Obdm4t5v0GsMAsoignu-C6hpL3CGmul8LgXOn-PDjtfZWRAYBKCEr-D6K7RnI7hwVvdVzXviUrfe6KJpxEqFy2SCM8Soaf6jo5RN-Q61U-A179OjeZwgZAIbfrC5M1FuhJqhQAqRikwgEilx9mITruatSxYIAt8t011AIyDkssTJ8jABJOlmbO-BJIFBAgEGAGSBQQIBRgEgAeMoNbHAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEKCVwAHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMCiBQC0BUBgBcBshccChoIABIUcHViLTUyNzA2MTQyNTg1NzIyMTAYAA&sigh=sgfoZb4G8Ck&uach_m=[UACH]&cid=CAQSGwBygQiDuLOYxUYf8L4DkK_J8No_AldBwuBifxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 05 May 2023 08:23:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 05 May 2023 08:23:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 18C8
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 17:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
52052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8767
x-xss-protection
0
server
cafe
etag
1250930375877819641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 May 2023 17:55:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 18C8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
83077
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 May 2023 09:18:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 18C8
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
52003
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 May 2023 17:56:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 18C8
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 08:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50014
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683113006724128"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 May 2023 08:23:31 GMT
edd8a89eee97155325ac5eb40edd3aca.js
www.gstatic.com/mysidia/ Frame 18C8
32 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13633
x-xss-protection
0
last-modified
Tue, 02 May 2023 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 31 Jul 2023 18:54:01 GMT
truncated
/ Frame 18C8
161 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
s
googleads.g.doubleclick.net/pagead/drt/ Frame E0BD
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 08:09:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 18C8
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4a84757ad23fc860151a83a98fa94790d0a8440e3b623c1abba40ee4a70ddcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame E0BD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 08:23:30 GMT
expires
Fri, 05 May 2023 08:23:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 08:23:30 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 18C8
29 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:26:30 GMT
x-content-type-options
nosniff
age
467822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 22:26:30 GMT
bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
pagead2.googlesyndication.com/bg/ Frame 449D
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5270614258572210&output=html&h=90&slotname=5848640411&adk=1435077868&adf=3229680868&pi=t.ma~as.5848640411&w=728&lmt=1683228166&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.4tracking.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683275008569&bpp=4&bdt=1252&idt=255&shv=r20230502&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&correlator=1046783675331&frm=20&pv=2&ga_vid=962754724.1683275008&ga_sid=1683275009&ga_hid=1420682137&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759875%2C44759842%2C31074375%2C44788442%2C44790154&oid=2&pvsid=3569935117281894&tmod=2100584893&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=S4qv80dpii&p=https%3A//www.4tracking.net&dtd=271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 18:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
223685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14581
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 May 2024 18:15:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 18C8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnu4I0TEIJaBb5QR4QxdLzlZheFNLws7qd_8P-77-LGtnnw49rdbMO3YIqT3dABXL0q3pDZ2YSokcSTDs4QgXVKf9_1dJNVbxiDmaMndIAkGcBUgj18jmehTmZ1ol0eUQWrzU9Iw&sai=AMfl-YQL7xa9m8T7q7hWViFRUqPnGuzgmxPLAGfWRpmKkOrAM3hSgxCnVgUzPuJNK2lx5nQULybpAVoHQYAA&sig=Cg0ArKJSzJsKGZHP9KDiEAE&cid=CAQSGwBygQiDuLOYxUYf8L4DkK_J8No_AldBwuBifxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1435077868&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683275008841&rpt=3210&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 08:23:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless function| gtag object| dataLayer function| ym object| FT_OBJ function| loadCSS object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| Ya object| yaCounter73220287 function| jlooper object| CryptoJS object| CryptoJSAesJson object| Base64 function| af function| PositiveNumber function| myTrim function| isURL function| isObject function| uniqArr function| validtracking function| is_validID function| cjd function| ddwj function| gtk function| createCookie function| readCookie function| eraseCookie function| tryDecodeURIComponent function| isDefined function| IsJsonString function| $ function| jQuery object| lazySizes function| $_GET function| parseKeyValue function| CodeMirror function| tabs function| _popup object| cm function| ajaxRequest function| close_dialog function| resize_dialog function| ini_dialog function| update_dialog function| setCarrier object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests object| googletag

19 Cookies

Domain/Path Name / Value
.4tracking.net/ Name: _ga_4LD9851YLQ
Value: GS1.1.1683275007.1.0.1683275007.0.0.0
.4tracking.net/ Name: _ga
Value: GA1.2.962754724.1683275008
.4tracking.net/ Name: _gid
Value: GA1.2.998473871.1683275008
.4tracking.net/ Name: _gat_gtag_UA_166841275_1
Value: 1
.4tracking.net/ Name: _ym_uid
Value: 1683275008685913442
.4tracking.net/ Name: _ym_d
Value: 1683275008
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1171642132fake
.4tracking.net/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2294814901fake
mc.yandex.com/ Name: yabs-sid
Value: 1640158011683275008
.yandex.com/ Name: i
Value: SfUTXrPNtxYuL77VGNuvpHO/eVBUqptgkZbOGa0w0wHYbEB2e7gGOyCN+6loirzUVXfrsm7lauy3VQl/pzzvX+X+woQ=
.yandex.com/ Name: yandexuid
Value: 7012290461683275008
.yandex.com/ Name: yuidss
Value: 7012290461683275008
.yandex.com/ Name: ymex
Value: 1714811008.yc.1683275008#1714811008.yrts.1683275008#1714811008.yrtsi.1683275008
.yandex.com/ Name: bh
Value: KgI/MA==
.4tracking.net/ Name: __gads
Value: ID=6f90b120ca5d0f93-229f6465bedd0057:T=1683275008:RT=1683275008:S=ALNI_MZQnl6h02EpXKJWdDBgebHgHkND2g
.4tracking.net/ Name: __gpi
Value: UID=00000bf663d1ed45:T=1683275008:RT=1683275008:S=ALNI_MZMQ3xFx6JllZ1KJBfFvuFeehvvLA
.doubleclick.net/ Name: IDE
Value: AHWqTUkOAPvUnlNPqVx0tFD8UuiCcttekwHY3zAQau4t6GfhN5Iyaj3RXxLCcdi_4fI
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4tracking.net
adservice.google.com
adservice.google.de
dmws6zo5g7pcv.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.4tracking.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
2001:4860:4802:34::36
2600:9000:223f:a200:7:39c0:7c0:21
2606:4700:3033::6815:275
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2003
2a02:6b8::1:119
07fcca520be35d667be1609db403289fb0abf3d3ef26afade401d391d9299a4a
0db09a391baac16aac73981e79e3e633568e827ea1ccf14df6418c6c06f0424f
0dd17dd7ad7f943d8e6ca96d71aac8c51c849972a7d513f44b4610df0628e879
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
28df7da4aa712323b65cbceabded81777805223bedd32f6ac5f7a5c31365fb25
291dd884f4e40a1a76f756adf2da11bcd369a054573da7f455e533e306f9c471
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2ba4822e338fdd56532a0ee740aebb6415f5853f5f55425c584bbfa20232bd57
2c839e6966a8fc1a5efa387397e910918ae859d980e42b0763a17b7a8c0b005f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37bf03c73c9cb5dd26189cdf94b1eea28e91956ddadeca9e6f6dbdd630d44699
386a0486e50aeb2e12ea21fcb15c785b93d83fa2739e425d834a389038578eab
3dac1ed800c6eac116cc9b4401034d759594c69fe39a7a4bbc8b8a05d19d030c
3ef3f7f2ef974d7690d16e36e4598cfb649eab643d0490257d10271a2d3108ac
3f9f546baec3fbb93af4453a98590a8e24bdc74fad166220c44aa051e4cf9dbc
424608008607b39674e00bca2428b48325f526d231ed04887c653decdd5ab445
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
586c099a757627b53f44ceb074ded074aad6b7f5be072baa2e49629f0c552d22
5aeff5501617f2cb02daf2cca4a6dbe95f4b6ba4460f0a2a4d0ed2a131d7214d
5dd15667324ece0bfda84551cea4bb1d8b2acc06ffb06382e0e1cac83fed6c90
5f0668649977e9ecf834f8d2632be25ca35d3edac697774ec1a51640d9b3c996
6102d04c941d6210d46440fa9b49fd2e9c306044191f4d804235e467dbd128ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
650d4cf8d49a2d6ea2225fed9729a014cee737704311c8ac56ca613261495668
68c24818c6f6154da2512ad8c5e7a65e807515b77bd20181bb7b1fa9dce174dc
69fe2095aa8eb0968f01a97d73aa29888f499ed9727eb4ab41426e5a595567d1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
7d6e5d1bbd1eb1dccde29043833a9e31bfc6b3d62c096f681e81cf0e4976675d
7d784d7f7f94e5a9339af2407aee24dc7f831c2bcf9a466873ad3bd264975a80
7ecc8f7948d19b7bc65ceaec9d6b42b8d1bd8e00ffd0a99359cf298d2912f44f
804c3aa6184b3009516c9330c448306ce0a8861d7deb244ff5881aff79cebe3e
858210ab243d1ab89ceb89864d3f07ef3d3fd2946a65842a6e6b62fc5166c955
8d9b4b794affc5daf4eafa12e0c6294ab31aaeed330886145676bd6b832e8b98
9bede90624851ed107c8c9c95eac1abc5d99a065129b6cadeaa0a12137011eed
a3208f29d81ac1b864d1e2b65dca1a1b19443de4b29f0f4a91882e64ed5294e7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae6ad5e2a9cb266f689ad8463c67f9b7da15432c911f2921ba7f33603fbccc72
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b5b33956a685abfb1f8f3dbeb318600204952fbeda827b252add64721e02d691
bc5ceb62932646b61fc1724ae1280fca194feeaf470f89de876056531ecf9150
bde129d054b39c1c28483ca6bb88e16742f4d6b3d2cedaf7fb2af5f201471fd5
c0acd32e2d4ee35ebc9307debe66ca22971302ebcc2758d6370a5f106feebf04
c560777099eaee85b8b70876660aaec906d2c34b3d95a7be54835c7578202b68
c92bba1d7ac0690363e7de5af3343e1f9048da7cd5402371a8be3eadfe751551
cad0665838239c3131cb1c2c167e98a2da46b4d2074e88df81ba5ba9a5f20071
cb97badeb08d7f30d333fd8bd238a615e1e40165d76f9f34d4ed3a0050e3c588
d108caa0362a6f440847dd0e29015022d163d44e662ca14d1725eaf4f9dbb54e
d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4
d6730a05e9d8fe70d4ee3f56ef8124382f7d61d4eed429257f9401814cfbcd42
d6bbcca6a56e95bfdac0eaedc26c740c6e999a8d823acb4eda3b52500e3538af
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41bf711499a80a6fe2535f793bbe6d41d8d8e747cfd7eb1b2cfa6b5e39d0427
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a84757ad23fc860151a83a98fa94790d0a8440e3b623c1abba40ee4a70ddcc
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
ff70c9bc4650cf5e6b12d1feaa7af29ebf0681993fc0c5ffe3658cea0dbd5403