URL: http://185.141.195.200/
Submission: On July 29 via manual from GR — Scanned from DE

Summary

This website contacted 25 IPs in 6 countries across 14 domains to perform 154 HTTP transactions. The main IP is 185.141.195.200, which is located in the United Kingdom and belongs to SHARKTECH, US. The main domain is 185.141.195.200.
This is the only time 185.141.195.200 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
46 185.141.195.200 46844 (SHARKTECH)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
8 35.158.152.210 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 3 54.171.27.201 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2.16.202.122 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.134 15169 (GOOGLE)
1 116.203.90.127 24940 (HETZNER-AS)
2 2001:4860:480... 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
8 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 3.64.163.89 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.162 15169 (GOOGLE)
8 78.159.97.6 28753 (LEASEWEB-...)
1 146.59.47.10 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
154 25
Apex Domain
Subdomains
Transfer
22 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
351 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
ade.googlesyndication.com Failed
292 KB
16 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1346
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2256
lm.serving-sys.com — Cisco Umbrella Rank: 2331
181 KB
15 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 886
static.adsafeprotected.com — Cisco Umbrella Rank: 595
dt.adsafeprotected.com — Cisco Umbrella Rank: 559
124 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
ad.doubleclick.net — Cisco Umbrella Rank: 183
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 347
65 KB
8 servedbyadbutler.com
servedbyadbutler.com — Cisco Umbrella Rank: 16168
85 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 213
139 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
region1.google-analytics.com — Cisco Umbrella Rank: 1914
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
199 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
1 grxchange.gr
x.grxchange.gr — Cisco Umbrella Rank: 75463
607 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1196
602 B
1 cookie-script.com
cdn.cookie-script.com — Cisco Umbrella Rank: 30678
18 KB
1 adman.gr
static.adman.gr — Cisco Umbrella Rank: 68095
70 KB
154 14
Domain Requested by
22 s0.2mdn.net ad.doubleclick.net
s0.2mdn.net
185.141.195.200
servedbyadbutler.com
12 pagead2.googlesyndication.com 185.141.195.200
pagead2.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 servedbyadbutler.com 185.141.195.200
servedbyadbutler.com
8 dt.adsafeprotected.com 185.141.195.200
8 bs.serving-sys.com 185.141.195.200
secure-ds.serving-sys.com
7 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
4 googleads4.g.doubleclick.net ad.doubleclick.net
4 lm.serving-sys.com secure-ds.serving-sys.com
4 static.adsafeprotected.com 185.141.195.200
4 secure-ds.serving-sys.com bs.serving-sys.com
secure-ds.serving-sys.com
185.141.195.200
4 www.googletagservices.com 185.141.195.200
www.googletagservices.com
s0.2mdn.net
3 fw.adsafeprotected.com 2 redirects 185.141.195.200
3 www.googletagmanager.com 185.141.195.200
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ad.doubleclick.net www.googletagservices.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 x.grxchange.gr static.adman.gr
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.cookie-script.com www.googletagmanager.com
1 static.adman.gr 185.141.195.200
0 ade.googlesyndication.com Failed 185.141.195.200
154 24
Subject | Issuer | Validity | Valid
*.google-analytics.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
bs.serving-sys.com | Amazon RSA 2048 M02 | 2023-03-11 - 2024-04-08 | a year
fw.adsafeprotected.com | Amazon RSA 2048 M02 | 2023-03-29 - 2024-04-27 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-18 - 2024-05-17 | a year
secure-ds.serving-sys.com | R3 | 2023-07-11 - 2023-10-09 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.cookie-script.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-18 - 2023-09-18 | a year
static.adsafeprotected.com | Amazon RSA 2048 M02 | 2023-07-07 - 2024-08-04 | a year
dt.adsafeprotected.com | Amazon RSA 2048 M02 | 2023-05-09 - 2024-06-07 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
lm.serving-sys.com | Amazon RSA 2048 M01 | 2023-02-14 - 2024-02-15 | a year
*.googleadservices.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
servedbyadbutler.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-21 - 2024-01-03 | 5 months
*.grxchange.gr | Sectigo RSA Domain Validation Secure Server CA | 2022-10-03 - 2023-10-15 | a year
www.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months

This page contains 15 frames:

Primary Page: http://185.141.195.200/
Frame ID: 51769CA0A871C84694026A4560E7D298
Requests: 100 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: 819DF75E17A9B161A9ED52697B198ED5
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3864562868;ord=762hvj;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=95;prcl=s
Frame ID: F32A3B0F55EFBA9157470A5B87DA8A88
Requests: 9 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1005484538;ord=c5jnof;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=4;prcl=s
Frame ID: 3B14CDC5B31281BFF924485601079067
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 396D75B5DB4884AD8511D83EA7A4312F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6EAFA9AF99100DB12FE03830BD909753
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2897426462420411&output=html&adk=1812271804&adf=3025194257&lmt=1690628206&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2F185.141.195.200%2F&ea=0&pra=5&wgl=1&dt=1690628206130&bpp=4&bdt=498&idt=317&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1856380323681&frm=20&pv=2&ga_vid=867471191.1690628206&ga_sid=1690628206&ga_hid=191524434&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076340%2C31076343%2C31076446%2C31076509%2C44788441%2C21065725%2C44797784&oid=2&pvsid=3576276964665481&tmod=1318348193&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=332
Frame ID: DD120C416BEA4AAFC7835459C32378E7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE08C0C522C79D1C8584CAE858959056
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
Frame ID: DB2CA5AF2048C97C5D352AC7EA1BE669
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9227CD3D4DC3EBB48E218589CC768518
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
Frame ID: AD52D02F8BF916FC8E71E5B79E01ABC8
Requests: 9 HTTP requests in this frame

Frame: https://servedbyadbutler.com/creative-179386-3902195/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190906%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207095044%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3D2882881a8b59668da5220bca36bdecc86aec378a%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190906%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207095044%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3D2882881a8b59668da5220bca36bdecc86aec378a%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190906%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207095044%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3D2882881a8b59668da5220bca36bdecc86aec378a%26location%3D&__ab_zone_id=622092&__ab_zone_name=tomanifesto.gr_300x250_Pepattikhs&__ab_publisher_id=91849&__ab_publisher_name=tomanifesto.gr&__ab_campaign_id=785344&__ab_campaign_name=Pep%20Attikhs%20Summer&__ab_advertiser_id=184399&__ab_advertiser_name=PEP%20Attikis&__ab_banner_id=521190906&__ab_extra_data=&sw=1600&sh=1200&spr=1
Frame ID: B29E9309AEBF7C73FBF251675665FF28
Requests: 2 HTTP requests in this frame

Frame: https://servedbyadbutler.com/creative-179386-3902155/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190904%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207159792%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3Da1f50cad1397c422cbc1ea3e1d137bc5543209c0%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190904%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207159792%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3Da1f50cad1397c422cbc1ea3e1d137bc5543209c0%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190904%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207159792%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3Da1f50cad1397c422cbc1ea3e1d137bc5543209c0%26location%3D&__ab_zone_id=622092&__ab_zone_name=tomanifesto.gr_300x250_Pepattikhs&__ab_publisher_id=91849&__ab_publisher_name=tomanifesto.gr&__ab_campaign_id=785344&__ab_campaign_name=Pep%20Attikhs%20Summer&__ab_advertiser_id=184399&__ab_advertiser_name=PEP%20Attikis&__ab_banner_id=521190904&__ab_extra_data=&sw=1600&sh=1200&spr=1
Frame ID: DCC0619139FBCDE39DA0C5D62D8EECDF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E7A518F8A677BF5AB39E424C9B6D76A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6867798FCF6910F5A40E2F53B45AB6F7
Requests: 2 HTTP requests in this frame

Page Title

toManifesto.gr | Καθημερινή Πολιτική Εφημερίδα

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Page Statistics

  • Requests: 154
  • HTTPS: 63 %
  • IPv6: 58 %
  • Domains: 14
  • Subdomains: 24
  • IPs: 25
  • Countries: 6
  • Transfer: 3139 kB
  • Size: 6575 kB
  • Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://fw.adsafeprotected.com/rfw/track.adform.net/1555162/72607590/adfscript/?bn=66210563&adsafe_url=http%3A%2F%2F185.141.195.200%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:bac8b3f7-1b35-4a69-8b62-c2d06e726a60,c:jKJc17,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-7bdf49c444-bhdxd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:18,oid:9c2c83a4-2dfe-11ee-9f93-4a068d711491,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 51
  • https://fw.adsafeprotected.com/rfw/track.adform.net/1555162/72607590/adfscript/?bn=66210563&adsafe_url=http%3A%2F%2F185.141.195.200%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:da6f0317-3621-01e1-79cb-ed2a6d279a62,c:jKJc49,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-7bdf49c444-bhdxd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:0,mot:0,app:0,maw:0,fm:tLozF3u+1*.1555162-72607590%7C11%7C12%7C13%7C14,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:6,oid:9c2c83a4-2dfe-11ee-9f93-4a068d711491,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

154 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
185.141.195.200/
143 KB
23 KB
Document
General
Full URL
http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ac3e84b0fe6c7f0496f115a52c1d65c1664005d096fb5dc7ecabd72a385c2314
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none;
cross-origin-opener-policy
same-origin-allow-popups;
cross-origin-resource-policy
same-origin;
date
Sat, 29 Jul 2023 10:56:45 GMT
permissions-policy
geolocation=(self), payment=(self)
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
strict-transport-security
max-age=5; includeSubDomains
transfer-encoding
chunked
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-litespeed-cache
hit
x-permitted-cross-domain-policies
none;
x-xss-protection
1; mode=block;
GeorgiaPro-Black.ttf
185.141.195.200/tomanifesto/css/fonts/georgia-pro/
128 KB
129 KB
Font
General
Full URL
http://185.141.195.200/tomanifesto/css/fonts/georgia-pro/GeorgiaPro-Black.ttf
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
623ee4efb968667a025a5cbbd9aecec24589a452c0dff52c9906b4ae7e3defd8
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
http://185.141.195.200/
Origin
http://185.141.195.200
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
131292
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"200dc-64c39a91-da034c11718635a4;;;"
x-frame-options
SAMEORIGIN
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, public
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
GeorgiaPro-Semibold.ttf
185.141.195.200/tomanifesto/css/fonts/georgia-pro/
127 KB
128 KB
Font
General
Full URL
http://185.141.195.200/tomanifesto/css/fonts/georgia-pro/GeorgiaPro-Semibold.ttf
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b1dc96d4d60f5a6f3eb20a7f52df75cd7bcd23e6bbd2fba272bc703cffe2ae7d
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
http://185.141.195.200/
Origin
http://185.141.195.200
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
130328
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"1fd18-64c39a91-cde60742275fd8b6;;;"
x-frame-options
SAMEORIGIN
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, public
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
Averta-Regular.otf
185.141.195.200/tomanifesto/css/fonts/averta/
198 KB
199 KB
Font
General
Full URL
http://185.141.195.200/tomanifesto/css/fonts/averta/Averta-Regular.otf
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4cbcc122a9680f3d757b5c2a5eaed7ef17192cd62d2845107a54524bf7a831ff
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
http://185.141.195.200/
Origin
http://185.141.195.200
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
202292
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"31634-64c39a91-7c44fe08ce2a3a3a;;;"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
Averta-Semibold.otf
185.141.195.200/tomanifesto/css/fonts/averta/
192 KB
193 KB
Font
General
Full URL
http://185.141.195.200/tomanifesto/css/fonts/averta/Averta-Semibold.otf
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d3b3307b1a649262024e7a6ab3818d24d52baad4366d72b683c08c4b6f1d5374
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
http://185.141.195.200/
Origin
http://185.141.195.200
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
196464
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2ff70-64c39a91-2b1f608b61ed342;;;"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
Averta-Bold.otf
185.141.195.200/tomanifesto/css/fonts/averta/
199 KB
200 KB
Font
General
Full URL
http://185.141.195.200/tomanifesto/css/fonts/averta/Averta-Bold.otf
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3acfb12858ae2b33ba5dc39ef71c1be0a4f8a92c55d92c051defd5f77798d745
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
http://185.141.195.200/
Origin
http://185.141.195.200
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
203640
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"31b78-64c39a91-5d25a6d8ff9bfd5e;;;"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
Averta-ExtraBold.otf
185.141.195.200/tomanifesto/css/fonts/averta/
199 KB
200 KB
Font
General
Full URL
http://185.141.195.200/tomanifesto/css/fonts/averta/Averta-ExtraBold.otf
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5e713baa3fe8fa216c832e43690375a15d6b3da3ac8fd2e884075b2e3afe0f97
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
http://185.141.195.200/
Origin
http://185.141.195.200
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
203636
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"31b74-64c39a91-17c8ed4d37448176;;;"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
fonts.css
185.141.195.200/tomanifesto/css/fonts/
1 KB
1 KB
Stylesheet
General
Full URL
http://185.141.195.200/tomanifesto/css/fonts/fonts.css
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bb1495acf60837af4f954cae34eab05277db24ff46b9ff02b94de5cc7b5b343f
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
266
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"4fc-64c39a91-3abf84d661a0e586;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
final-app.css
185.141.195.200/tomanifesto/css/
198 KB
40 KB
Stylesheet
General
Full URL
http://185.141.195.200/tomanifesto/css/final-app.css?id=251039e48c93b23a74342272f63af975
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d5382c633930ac082b240a55e34bb0fb60a6c716a50d4670f0dcbcd517a250bb
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
39958
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"319b5-64c39a91-d634e850fd25e029;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
lazyload.min.js
185.141.195.200/tomanifesto/js/lazyload/
2 KB
2 KB
Script
General
Full URL
http://185.141.195.200/tomanifesto/js/lazyload/lazyload.min.js
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d98b92fee3045fb0e5c63ebe7f015c12bf1a950687062e66d6536a28076b7f84
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
881
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"8a3-64c39a91-f9e7f42af59efb48;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:46 GMT
js
www.googletagmanager.com/gtag/
178 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-4213274-72
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac24bba792c7c508c2c851d5e21b6748c819d4c76dc5f69d43a8a1554cc26599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65891
x-xss-protection
0
last-modified
Sat, 29 Jul 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Jul 2023 10:56:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2897426462420411
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df1b04cae9d73e1266eecd6ca81e5d60d23b86aa8b89eaaec7fb50c431fe8ed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://185.141.195.200/
Origin
http://185.141.195.200
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50633
x-xss-protection
0
server
cafe
etag
2438529776106022742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 10:56:46 GMT
logo.svg
185.141.195.200/tomanifesto/images/logos/
20 KB
9 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/logos/logo.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a5fef59428995ef5e84de81c79216b2e245d55917311c5843a042481c48a4539
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
8108
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"5066-64c39a91-29d716d859ac0ede;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
search.svg
185.141.195.200/tomanifesto/images/icons/
614 B
1 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/search.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5848bc0db3a6c13be006506aa6ff6adc34e82a7952c42dbd24200560e5be0a30
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
326
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"266-64c39a91-792ef0c377156c43;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
manif-2807-001-cmyk.jpg
185.141.195.200/portal-img/issue_thumb/58/
38 KB
39 KB
Image
General
Full URL
http://185.141.195.200/portal-img/issue_thumb/58/manif-2807-001-cmyk.jpg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a2f141de760ee5872576a8311ef1b326463cff8e29f5b94803ac85a1c9de8be7
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
x-litespeed-cache
hit
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
39103
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"108100-1690628108;;;"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, public
permissions-policy
geolocation=(self), payment=(self)
Keep-Alive
timeout=5, max=100
expires
Mon, 29 Jul 2024 13:55:08 GMT
fb.svg
185.141.195.200/tomanifesto/images/icons/socials/
968 B
1 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/fb.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c8501980637b40d9cecdc1a9198d5c9c6d055616e1fe8592d312e3be7199d4d8
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
419
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3c8-64c39a91-71d6ee74998d615f;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
instagram.svg
185.141.195.200/tomanifesto/images/icons/socials/
4 KB
3 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/instagram.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2b83a5db2089d8908b63cf98bdd4a6080823311229c114bedd685cd4c4659704
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
1643
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"10b1-64c39a91-b84264a233e84742;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
twitter.svg
185.141.195.200/tomanifesto/images/icons/socials/
2 KB
2 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/twitter.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b4533db70d6fb219cba7cca73a7bb547de1e6510d6b32d6745babad98963a9da
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
784
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"7f8-64c39a91-e2ca0c220108e799;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
linkedin.svg
185.141.195.200/tomanifesto/images/icons/socials/
2 KB
2 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/linkedin.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
68f3bcd5501ce9c8276572a50dd9bc2a521e2a4228ecabd6df83532807a8fb9c
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
676
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"6af-64c39a91-a3ea312d524bfaa3;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
caret.svg
185.141.195.200/tomanifesto/images/icons/
780 B
1 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/caret.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1e41e2ff1878b14ee287db69cb6a6cfa937919ba9e665f8e78566ab7243e462a
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
338
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"30c-64c39a91-3a3c740f42b85a1e;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:45 GMT
nd-nea-dimokratia.webp
185.141.195.200/portal-img/list_img_lg_webp/58/
35 KB
36 KB
Image
General
Full URL
http://185.141.195.200/portal-img/list_img_lg_webp/58/nd-nea-dimokratia.webp?crop=1522,1304,489,0
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7a7317d143cbb831ee4d863a8652933ba4b042c27d02f517e22b049799633bcf
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
x-litespeed-cache
hit
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
35706
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"108099-1690628108;;;"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, public
permissions-policy
geolocation=(self), payment=(self)
Keep-Alive
timeout=5, max=100
expires
Mon, 29 Jul 2024 13:55:08 GMT
adServer.bs
bs.serving-sys.com/Serving/
11 KB
5 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079423835&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=300&h=250&ord=[timestamp]&z=10000
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-210.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
97f824dfe9f76687e27714c67243ba12258ee4c837f994939d2d7da2772a32ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
4355
expires
Sun, 05-Jun-2005 22:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/
16 KB
7 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Wed, 24 May 2023 18:59:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 29 Jul 2023 11:45:16 GMT
/
fw.adsafeprotected.com/rjss/track.adform.net/1555162/72607590/adfscript/
250 KB
75 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/track.adform.net/1555162/72607590/adfscript/?bn=66210563
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.27.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-27-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a01d993bd666ad6f6e523c0b2bb8e35db9f18016c788e5cc37af4992d13d685d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
adServer.bs
bs.serving-sys.com/Serving/
0
0
Script
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079242678&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=300&h=600&ord=[timestamp]&ifrm=-1&z=10000
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-210.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

adman.js
static.adman.gr/
211 KB
70 KB
Script
General
Full URL
https://static.adman.gr/adman.js
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a974edb28aaa40ca7f9ac5851f07a31274d9218d267a482265fc48a2aa2550

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 27 Jul 2023 07:53:01 GMT
server
cloudflare
age
3630
etag
W/"64c2225d-34d24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
cf-ray
7ee4d64f99bd377c-FRA
dpheart.svg
185.141.195.200/tomanifesto/images/icons/
513 B
1 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/dpheart.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1d688ba1a584d2e9ac5a1a96d4747650e3c5911df1f3e7f7fcb636d1d1463269
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
306
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"201-64c39a91-e665278caa8bb83c;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:46 GMT
final-app.js
185.141.195.200/tomanifesto/js/
337 KB
102 KB
Script
General
Full URL
http://185.141.195.200/tomanifesto/js/final-app.js?id=03d66c022483c437602553dfb6370703
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dd39f76fb2ca24f0932f53532961ffcd97890c706a4ae353f505238b877efb5c
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
103257
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"543c4-64c39a91-e8828d56e18f2d54;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:46 GMT
gtm.js
www.googletagmanager.com/
159 KB
58 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJZBRQP
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb15b5ce8e2e9e3e23a7025b0bdb1a5f7d9d36bfe70be07cb9cf853187c60215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58805
x-xss-protection
0
last-modified
Sat, 29 Jul 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Jul 2023 10:56:45 GMT
tomanifesto.png
185.141.195.200/tomanifesto/images/
1 KB
2 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/tomanifesto.png
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fee1581dd855b68335a76d3cfcf4721e8c336d1711ac9a490901684ffb1e3f7d
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
1376
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"560-64c39a91-50dbab9eade85093;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:46 GMT
versionsFR.js
secure-ds.serving-sys.com/BurstingCachedScripts/versions/
213 B
498 B
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsFR.js
Requested by
Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079423835&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=300&h=250&ord=[timestamp]&z=10000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
47a8a6f78b6bc5902ca04c5aee6e8a85fafebd0ba5002db63ed4a696f62d3b73

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:48:42 GMT
server
AmazonS3
x-amz-request-id
HBSH84SNGM3J80W9
x-amz-cf-pop
JFK50-P7
etag
"8eb034f9e4568de857489b0930057a57"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ZDNtRd7DwEoJhxR_n5mbjKlQgoxYEo64DGQwFvsxmlkyyLPcGhHJnQ==
x-amz-id-2
RfXonrLZtit++P8JTnOvNj36h1JxRKWieRaS6EQJBOQLi82BQxmH6odMeRYldSqDUNqGUeY7R8c=
content-length
126
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
adServer.bs
bs.serving-sys.com/Serving/
11 KB
4 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079423835&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=300&h=250&ord=[timestamp]&z=10000
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-210.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d21d9229537f1664110ecfe283d2cc3c33f28b9d3c89cf45b2b99013e37b6083

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
4353
expires
Sun, 05-Jun-2005 22:00:00 GMT
impl_v96.js
www.googletagservices.com/dcm/
49 KB
20 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v96.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 29 Jul 2023 00:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20157
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:41:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jul 2024 00:52:12 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/
363 KB
124 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2897426462420411&plah=185.141.195.200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2897426462420411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd13cd271e587362e366fddb82b92dc5bf7b653526b168e6722b6b34b96edfc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127309
x-xss-protection
0
server
cafe
etag
3178639425978632102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 10:56:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame 819D
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2897426462420411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://185.141.195.200/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8129
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 08:41:17 GMT
etag
12368291122986407432
expires
Sat, 12 Aug 2023 08:41:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
B29146169.361336880;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3864562868;ord=762hvj;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=95;prcl=s
ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/ Frame F32A
62 KB
29 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3864562868;ord=762hvj;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=95;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
df8ce6a8c82590aee85242f46222053a044cc615f5a96c75e2106e5695e9f734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://185.141.195.200/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
29760
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 10:56:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
c5e7a55e685b13451861036c5c03b7da.js
cdn.cookie-script.com/s/
103 KB
18 KB
Script
General
Full URL
https://cdn.cookie-script.com/s/c5e7a55e685b13451861036c5c03b7da.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJZBRQP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.90.127 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.127.90.203.116.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b6fda015b769744c0482a5bc7ebfce503c634e1203688533285e3df2c12d36d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
last-modified
Fri, 05 May 2023 09:49:23 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"2a376469b494d3dbb360c222d65ad34e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
js
www.googletagmanager.com/gtag/
217 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6NZBBJRGJC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJZBRQP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dfe0f214033137458ef713b2a321b79ffdc0c687e1d65478642ff093f4edae27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78175
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 10:56:46 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4213274-72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Jul 2023 09:44:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4342
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 29 Jul 2023 11:44:24 GMT
B29146169.361336880;dc_ver=96.284;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1005484538;ord=c5jnof;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=4;prcl=s
ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/ Frame 3B14
62 KB
30 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1005484538;ord=c5jnof;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=4;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
045c180ce2e882b0f130c70f45c723918517d15e6dd06de43c06091ad015103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://185.141.195.200/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
29834
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 10:56:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
static.adsafeprotected.com/
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/track.adform.net/1555162/72607590/adfscript/?bn=66210563&adsafe_url=http%3A%2F%2F185.141.195.200%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:bac8b3f7-1b35-4a69-8b62-c2...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Server
2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
16787096
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
6YCMcbIQUe9gRrY7XFxl4ZkAtdHrXrzV9r0ubq1fEckf_ZUHnTi4rg==

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 396D
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
26853630
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
h-YknOTq_GPNd7hI2cgLaUMz_G2rM_U0ms-JB36wPH6JUKA8CSAqlA==
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1555162&asId=bac8b3f7-1b35-4a69-8b62-c2d06e726a60&tv=%7Bc:jKJc1v,pingTime:-2,time:41,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:201,mdZ:627,beA:671,beZ:672,mfA:674,cmA:675,inA:675,inZ:678,prA:678,prZ:684,si:689,poA:690,poZ:707,cmZ:707,mfZ:707,loA:709,loZ:710,ltA:712,ltZ:712%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:18,slid:%5Bmain%5D,sinceFw:22,readyFired:false%7D&br=c
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:8e57:d2c2:3e3a:7dc0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ebStdBannerEx.js
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/
292 KB
81 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Requested by
Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079423835&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=300&h=250&ord=[timestamp]&z=10000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ad45e2d674f6b9b7a6a92375f229b8b6a15b82c481da63af9b99f3dfc16e2650

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:25:07 GMT
server
AmazonS3
x-amz-request-id
TMBYHWWZAPR6SDCN
x-amz-cf-pop
JFK50-P7
etag
"6aa69677b0acd844ac82b06e371fb347"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
b5Py0-dcgzVTZf6-i2jGWs259ztB3Ezby7L0AYGwo1qUbO8NCoQlSg==
x-amz-id-2
T+aAHaa54R9oW3th4/gqoBP+1Gjv/lS/DlLuZlBlBFKXaCK825lrqX/HM7h3xg6/X8Kgi9xuYV4=
content-length
82245
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6NZBBJRGJC&gtm=45je37q0&_p=191524434&gcs=G111&cid=867471191.1690628206&ul=en-us&sr=1600x1200&_s=1&sid=1690628206&sct=1&seg=0&dl=http%3A%2F%2F185.141.195.200%2F&dt=toManifesto.gr%20%7C%20%CE%9A%CE%B1%CE%B8%CE%B7%CE%BC%CE%B5%CF%81%CE%B9%CE%BD%CE%AE%20%CE%A0%CE%BF%CE%BB%CE%B9%CF%84%CE%B9%CE%BA%CE%AE%20%CE%95%CF%86%CE%B7%CE%BC%CE%B5%CF%81%CE%AF%CE%B4%CE%B1&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6NZBBJRGJC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://185.141.195.200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
URLUtil.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_108_0_0/
7 KB
2 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_108_0_0/URLUtil.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:39:37 GMT
server
AmazonS3
x-amz-request-id
M4JR6J2GBTFMGZPE
x-amz-cf-pop
JFK50-P7
etag
"3470a076f0022d50a41874998110932e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
k1O3hHKBid4XClUgevc90KvXMIgqRKc6BnksV1dYiDBdJTY0kXL9Hg==
x-amz-id-2
OfW1A9Pnu6rVAVj2FkfaC/q/s8qYPMkezQhAQ++IcwRJaYmX3brywhXvoe6Z1lx7OwfmoEC/FD4=
content-length
1951
300x250px_new_winbank_app_80585102911866053.gif
secure-ds.serving-sys.com/resources/PROD/asset/109701/IMAGE/20230707/
87 KB
87 KB
Image
General
Full URL
https://secure-ds.serving-sys.com/resources/PROD/asset/109701/IMAGE/20230707/300x250px_new_winbank_app_80585102911866053.gif
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2680a58612f6af87fa9be2984540690fc8a3b90e2bbd582474a272438ebf8e71

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
6am8lRto0pIjg9TCKrh60SswYyWkjJrb
date
Sat, 29 Jul 2023 10:56:46 GMT
last-modified
Fri, 07 Jul 2023 13:41:43 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
"86124816f79304cbbc88e796d981edb3"
x-amz-server-side-encryption
AES256
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
88704
x-amz-cf-id
T-uYi1-wnTCQalSH6rIZpUbTepENcmKzjL23b4QRYuqHhcxaZZER0g==
expires
Mon, 31 Dec 2035 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame 3B14
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1005484538;ord=c5jnof;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=4;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 19:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
56616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Aug 2023 19:13:10 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3B14
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1005484538;ord=c5jnof;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=4;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Jul 2023 18:51:01 GMT
collect
www.google-analytics.com/j/
2 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=191524434&t=pageview&_s=1&dl=http%3A%2F%2F185.141.195.200%2F&ul=en-us&de=UTF-8&dt=toManifesto.gr%20%7C%20%CE%9A%CE%B1%CE%B8%CE%B7%CE%BC%CE%B5%CF%81%CE%B9%CE%BD%CE%AE%20%CE%A0%CE%BF%CE%BB%CE%B9%CF%84%CE%B9%CE%BA%CE%AE%20%CE%95%CF%86%CE%B7%CE%BC%CE%B5%CF%81%CE%AF%CE%B4%CE%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1862259251&gjid=2097416414&cid=867471191.1690628206&tid=UA-4213274-72&_gid=2097058432.1690628206&_r=1&gtm=457e37q0&gcs=G111&jsscut=1&z=1431512880
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://185.141.195.200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame F32A
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3864562868;ord=762hvj;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=95;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 19:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
56616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Aug 2023 19:13:10 GMT
skeleton.js
static.adsafeprotected.com/
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/track.adform.net/1555162/72607590/adfscript/?bn=66210563&adsafe_url=http%3A%2F%2F185.141.195.200%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:da6f0317-3621-01e1-79cb-ed...
  • https://static.adsafeprotected.com/skeleton.js
17 B
462 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Server
2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
16787096
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
wnX-Bhf663236tS8b7kjhKzxSd0cw6ViUqzc500yjC-oitdoPJciQA==

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6EAF
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
26853630
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
KsDFI4SFh8GqCMiSxHlVtDw-SHFLQ4A9U_tvT9KP0Is4uSB_dm8U3g==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3B14
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1005484538;ord=c5jnof;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=4;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 05:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
18718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 05:44:48 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F32A
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3864562868;ord=762hvj;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=95;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Jul 2023 18:51:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F32A
41 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3864562868;ord=762hvj;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=95;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 05:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
18718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 05:44:48 GMT
evt
lm.serving-sys.com/lm/
0
180 B
XHR
General
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.163.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-163-89.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
http://185.141.195.200
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
evt
lm.serving-sys.com/lm/
0
180 B
XHR
General
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.163.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-163-89.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
http://185.141.195.200
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
Serving
bs.serving-sys.com/
24 B
302 B
XHR
General
Full URL
https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=2681922662125653203&ai=1090953640&usercookie=u2=a49d1a0a-67b9-4e63-abee-86b6190e4ee1&oo=1&clsrc=2&clbv=_2_241_3_0&gdprpurposes=1010&dg=1077974426&sdg=1079156436&ctick=88&ord=0.200327954763881
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-210.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
http://185.141.195.200
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
24
expires
Sun, 05-Jun-2005 22:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/
0
259 B
Ping
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&int=1090953640~~0~~1077974426~~2681922662125653203^VsR~0~0~01020~89^VsRAg~0~0~01020~89^AdStart~0~0~01020~89&usercookie=u2=a49d1a0a-67b9-4e63-abee-86b6190e4ee1&OptOut=1&rnd=0.47408596666204206&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-210.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
http://185.141.195.200
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1555162&asId=da6f0317-3621-01e1-79cb-ed2a6d279a62&tv=%7Bc:jKJc4H,pingTime:-2,time:39,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:201,mdZ:627,beA:871,beZ:872,mfA:872,cmA:872,inA:872,inZ:873,prA:873,prZ:875,si:877,poA:878,poZ:885,cmZ:885,mfZ:885,loA:901,loZ:901,ltA:911,ltZ:911%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:5%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:5,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13%7C14,idMap:1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:6,slid:%5Bmain%5D,sinceFw:33,readyFired:false%7D&br=c
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:8e57:d2c2:3e3a:7dc0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cookie.js
partner.googleadservices.com/gampad/
389 B
602 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=185.141.195.200&callback=_gfp_s_&client=ca-pub-2897426462420411
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2897426462420411&plah=185.141.195.200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ca8bbb21aae0ba76ff29211a44f614799fc257d19551839da542ba3ce700792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DD12
603 B
346 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2897426462420411&output=html&adk=1812271804&adf=3025194257&lmt=1690628206&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2F185.141.195.200%2F&ea=0&pra=5&wgl=1&dt=1690628206130&bpp=4&bdt=498&idt=317&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1856380323681&frm=20&pv=2&ga_vid=867471191.1690628206&ga_sid=1690628206&ga_hid=191524434&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076340%2C31076343%2C31076446%2C31076509%2C44788441%2C21065725%2C44797784&oid=2&pvsid=3576276964665481&tmod=1318348193&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=332
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2897426462420411&plah=185.141.195.200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://185.141.195.200/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 10:56:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
1 B
345 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4213274-72&cid=867471191.1690628206&jid=1862259251&gjid=2097416414&_gid=2097058432.1690628206&_u=YAhAAUAAAAAAACAAI~&z=1985529290
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Jul 2023 10:56:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://185.141.195.200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1555162&asId=bac8b3f7-1b35-4a69-8b62-c2d06e726a60&tv=%7Bc:jKJc5w,time:290,type:e,im:%7Bimprf:%7Bttecl:663,ecd:149,tsecr:25%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:290,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B285~0%5D,as:%5B285~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:0,renddet:na,siq:18,sis:193%7D&br=c
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:8e57:d2c2:3e3a:7dc0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CE08
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
135687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 21:15:19 GMT
expires
Fri, 26 Jul 2024 21:15:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B14
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jul 2023 10:56:46 GMT
index.html
s0.2mdn.net/sadbundle/6208020751271044958/ Frame DB2C
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a18aae231a8aa3c958c090418bd52e29cfec0dc5b7d74f1223893b7d2d52362e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
83079
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2308
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Jul 2023 11:52:07 GMT
expires
Sat, 27 Jul 2024 11:52:07 GMT
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3B14
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYl1r-wsbKqCJ5-MBfLP3XGR0YKIaOFcuUECHd0r9d04z-cwjzG213SJM09res7m35r_sWEqz_a5S7tHusoz45U9bzVpgrrcBGYCf02KrQ6jpL4PUYjeAbx-xm9AA0tjkZg3KgmFVLgNiJ8hCUH3c&sai=AMfl-YSIZtJnp-vPUBOtqiyOOHlHu1mkMtSfBzqUIvWmVpVru2SBFXZi1KS4SiQf3Li0-LM6YyFkhM4mnxvum0E&sig=Cg0ArKJSzF_JTIfIBOMwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=260&cbvp=1&cstd=257&cisv=r20230726.05592&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1005484538;ord=c5jnof;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=4;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 29 Jul 2023 10:56:46 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9227
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
135687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 21:15:19 GMT
expires
Fri, 26 Jul 2024 21:15:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F32A
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jul 2023 10:56:46 GMT
index.html
s0.2mdn.net/sadbundle/13458257475971390350/ Frame AD52
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a18aae231a8aa3c958c090418bd52e29cfec0dc5b7d74f1223893b7d2d52362e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
289222
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2308
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jul 2023 02:36:24 GMT
expires
Thu, 25 Jul 2024 02:36:24 GMT
last-modified
Mon, 17 Jul 2023 09:09:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F32A
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGgbHy-UhM1fJQ9M2ysfXL3tnccqrc0j9w-HHUn3uC7zqZW3MFPV_he7BzV1htdodN26hZ5C0WBsThuImuaXCZZLiOfW6PkcJ4JQFaHVt7nsR0xGcYv2KgKKwPc7Zdz4zoPATZs_ilFwN8z6wrp_M&sai=AMfl-YSNakC24OWuAGzF-6vMi_gla-swUUtIyYvqzA16cRtwi_fM2zJ1GXK7wqeDwsClJ0MWd96buiSz8ban4wQ&sig=Cg0ArKJSzCTrdrdQGb4aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=204&cbvp=1&cstd=203&cisv=r20230726.46672&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3864562868;ord=762hvj;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=95;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 29 Jul 2023 10:56:46 GMT
fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
pagead2.googlesyndication.com/bg/ Frame CE08
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 19:44:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
54742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14619
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Jul 2024 19:44:24 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:8e57:d2c2:3e3a:7dc0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:46 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
pagead2.googlesyndication.com/bg/ Frame 9227
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 19:44:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
54742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14619
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Jul 2024 19:44:24 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame DB2C
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Jul 2023 10:56:46 GMT
300x250.js
s0.2mdn.net/sadbundle/6208020751271044958/ Frame DB2C
14 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccce9fb5b5fb558b285701f9bc0e4335b0e9c84c6990f8ebab1091756e12ac5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10753
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3038
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 07:57:33 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AD52
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Jul 2023 10:56:46 GMT
300x250.js
s0.2mdn.net/sadbundle/13458257475971390350/ Frame AD52
20 KB
4 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/13458257475971390350/300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60e2d10ec5f635eac5e5992bd2b3fa778c4fa9aa98f527845cb09d2cef46b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 21:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3853
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 09:09:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 21:57:11 GMT
app.js
servedbyadbutler.com/
67 KB
13 KB
Script
General
Full URL
https://servedbyadbutler.com/app.js
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.159.97.6 Frankenthal, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
7d9b7ee9ae860b2f27e08578dacc166269ab838417994fb62c568ff40245b5a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2023 20:55:24 GMT
server
nginx
etag
W/"6414d3bc-10c8e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
expires
Sat, 29 Jul 2023 11:26:46 GMT
;ID=179386;size=300x250;setID=622092;type=js;sw=1600;sh=1200;spr=1;kw=;pid=143886;place=0;rnd=143886;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
2 KB
905 B
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=179386;size=300x250;setID=622092;type=js;sw=1600;sh=1200;spr=1;kw=;pid=143886;place=0;rnd=143886;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.159.97.6 Frankenthal, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
f28c0836fa2ac47d1909d6ca79215cba27598352fa5f0361d2d145b8add706a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type
application/javascript
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
tomanifesto.png
185.141.195.200/tomanifesto/images/
1 KB
2 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/tomanifesto.png
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fee1581dd855b68335a76d3cfcf4721e8c336d1711ac9a490901684ffb1e3f7d
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
1376
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"560-64c39a91-50dbab9eade85093;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:46 GMT
ads
x.grxchange.gr/
69 B
607 B
Fetch
General
Full URL
https://x.grxchange.gr/ads?pageurl=https%3A%2F%2F185.141.195.200%2F&w=1600&h=1200&ids=3510
Requested by
Host: static.adman.gr
URL: https://static.adman.gr/adman.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.47.10 , France, ASN16276 (OVH, FR),
Reverse DNS
naboo.phaistosnetworks.gr
Software
ADMAN (ADMAN X) /
Resource Hash
73dd1b11098d6a6994addda7a55118b5eb24a733977f9aa810e1a1da8253351d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-encoding
identity
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA
server
ADMAN (ADMAN X)
content-type
application/json
access-control-allow-origin
http://185.141.195.200
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
max-age=0, private, must-revalidate, proxy-revalidate, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443";ma=1200;
content-length
69
cta.png
s0.2mdn.net/sadbundle/6208020751271044958/images/ Frame DB2C
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/images/cta.png?1687441249562
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1005484538;ord=c5jnof;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=4;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2edb82cf4100410099bbd886f0fde5571e096077a4e014a03f93615608e0a90d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:56:20 GMT
x-content-type-options
nosniff
age
10826
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 07:56:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3B14
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYl1r-wsbKqCJ5-MBfLP3XGR0YKIaOFcuUECHd0r9d04z-cwjzG213SJM09res7m35r_sWEqz_a5S7tHusoz45U9bzVpgrrcBGYCf02KrQ6jpL4PUYjeAbx-xm9AA0tjkZg3KgmFVLgNiJ8hCUH3c&sai=AMfl-YSIZtJnp-vPUBOtqiyOOHlHu1mkMtSfBzqUIvWmVpVru2SBFXZi1KS4SiQf3Li0-LM6YyFkhM4mnxvum0E&sig=Cg0ArKJSzF_JTIfIBOMwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=568&vt=11&dtpt=308&dett=3&cstd=257&cisv=r20230726.05592&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1005484538;ord=c5jnof;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=4;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 29 Jul 2023 10:56:46 GMT
cta.png
s0.2mdn.net/sadbundle/13458257475971390350/images/ Frame AD52
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/13458257475971390350/images/cta.png?1689334741185
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3864562868;ord=762hvj;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=95;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2099d32288a842713a5890643cc4f3e8cf5e21fc53a809d3b39fa287b0762884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 05:57:53 GMT
x-content-type-options
nosniff
age
17933
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3278
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 09:09:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 05:57:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F32A
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGgbHy-UhM1fJQ9M2ysfXL3tnccqrc0j9w-HHUn3uC7zqZW3MFPV_he7BzV1htdodN26hZ5C0WBsThuImuaXCZZLiOfW6PkcJ4JQFaHVt7nsR0xGcYv2KgKKwPc7Zdz4zoPATZs_ilFwN8z6wrp_M&sai=AMfl-YSNakC24OWuAGzF-6vMi_gla-swUUtIyYvqzA16cRtwi_fM2zJ1GXK7wqeDwsClJ0MWd96buiSz8ban4wQ&sig=Cg0ArKJSzCTrdrdQGb4aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=510&vt=11&dtpt=306&dett=3&cstd=203&cisv=r20230726.46672&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N728603.3690221MANIFESTO.GR/B29146169.361336880;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=3864562868;ord=762hvj;dc_rfl=0,http%3A%2F%2F185.141.195.200%2F$0;xdt=0;crlt=U0OnqjSkV*;stc=1;sttr=95;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 29 Jul 2023 10:56:46 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1555162&asId=da6f0317-3621-01e1-79cb-ed2a6d279a62&tv=%7Bc:jKJcdh,time:571,type:e,im:%7Bimprf:%7Bttecl:1082,ecd:367,tsecr:38%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:571,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:5,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B570~0%5D,as:%5B570~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:200,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13%7C14,idMap:1*,rmeas:1,rend:0,renddet:na,siq:6,sis:411%7D&br=c
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:8e57:d2c2:3e3a:7dc0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:47 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE08
0
20 B
Image
General
Full URL
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
devices.png
s0.2mdn.net/sadbundle/6208020751271044958/images/ Frame DB2C
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/images/devices.png?1687441249562
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
683f97e85a417a2e549f70a9579020bc378b8378f874c00366c87cdad11f2419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:49:09 GMT
x-content-type-options
nosniff
age
245258
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1797
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jul 2024 14:49:09 GMT
eurobank_logo.png
s0.2mdn.net/sadbundle/13458257475971390350/images/ Frame AD52
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/13458257475971390350/images/eurobank_logo.png?1689334741185
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a626acd478f8809886b4158c7345f72c60aa6c4525b40c3c6ae0b5391433db5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:31:26 GMT
x-content-type-options
nosniff
age
51921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3904
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 09:09:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 20:31:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9227
0
20 B
Image
General
Full URL
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
;ID=179386;size=300x250;setID=481379;type=async;domid=placement_481379_0;place=0;pid=143886;sw=1600;sh=1200;spr=1;rnd=143886;referrer=http%3A%2F%2F185.141.195.200%2F;atf=1;click=CLICK_MACRO_PLACEHO...
servedbyadbutler.com/adserve/
720 B
979 B
Script
General
Full URL
http://servedbyadbutler.com/adserve/;ID=179386;size=300x250;setID=481379;type=async;domid=placement_481379_0;place=0;pid=143886;sw=1600;sh=1200;spr=1;rnd=143886;referrer=http%3A%2F%2F185.141.195.200%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol
HTTP/1.1
Server
78.159.97.6 Frankenthal, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
505f05a230e913703ea01cbc6d206725f6791b442e6349cd1006c35bcd231d3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Jul 2023 10:56:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
;ID=179386;size=300x250;setID=481379;type=async;domid=placement_481379_1;place=1;pid=143886;sw=1600;sh=1200;spr=1;rnd=143886;referrer=http%3A%2F%2F185.141.195.200%2F;atf=1;click=CLICK_MACRO_PLACEHO...
servedbyadbutler.com/adserve/
720 B
980 B
Script
General
Full URL
http://servedbyadbutler.com/adserve/;ID=179386;size=300x250;setID=481379;type=async;domid=placement_481379_1;place=1;pid=143886;sw=1600;sh=1200;spr=1;rnd=143886;referrer=http%3A%2F%2F185.141.195.200%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol
HTTP/1.1
Server
78.159.97.6 Frankenthal, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
ef0884934d167c1a878dd2ceff085b16467976327f669e34b4a5107ae8304163
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Jul 2023 10:56:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
eurobank_logo.png
s0.2mdn.net/sadbundle/6208020751271044958/images/ Frame DB2C
6 KB
6 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/images/eurobank_logo.png?1687441249562
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1720c0c827f55660327430419698f3b0c0ad76f7a1e91cada7011996494904bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:08:53 GMT
x-content-type-options
nosniff
age
211674
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5888
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Jul 2024 00:08:53 GMT
eurobank_logo2.png
s0.2mdn.net/sadbundle/13458257475971390350/images/ Frame AD52
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/13458257475971390350/images/eurobank_logo2.png?1689334741185
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c58ec14ea79b2b776949764b7bbe3c45e7721a8e0a53537dc5c10cc6053c3106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 07:05:46 GMT
x-content-type-options
nosniff
age
100261
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3613
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 09:09:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 07:05:46 GMT
img1.jpg
s0.2mdn.net/sadbundle/6208020751271044958/images/ Frame DB2C
31 KB
31 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/images/img1.jpg?1687441249562
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de5930d6e271c5c1c05b7aea56d8f2c2d849c316b69b9ed3cc6cc6fa55d2fbc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:18:19 GMT
x-content-type-options
nosniff
age
2308
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31814
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 10:18:19 GMT
img1.jpg
s0.2mdn.net/sadbundle/13458257475971390350/images/ Frame AD52
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/13458257475971390350/images/img1.jpg?1689334741185
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c7bfad8d4f34b4070fdff2b119a08204269f174054f1305f3b2f5f27ab4d7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 05:15:28 GMT
x-content-type-options
nosniff
age
20479
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12204
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 09:09:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 05:15:28 GMT
index.html
servedbyadbutler.com/creative-179386-3902195/ Frame B29E
133 KB
24 KB
Document
General
Full URL
https://servedbyadbutler.com/creative-179386-3902195/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190906%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207095044%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3D2882881a8b59668da5220bca36bdecc86aec378a%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190906%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207095044%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3D2882881a8b59668da5220bca36bdecc86aec378a%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190906%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207095044%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3D2882881a8b59668da5220bca36bdecc86aec378a%26location%3D&__ab_zone_id=622092&__ab_zone_name=tomanifesto.gr_300x250_Pepattikhs&__ab_publisher_id=91849&__ab_publisher_name=tomanifesto.gr&__ab_campaign_id=785344&__ab_campaign_name=Pep%20Attikhs%20Summer&__ab_advertiser_id=184399&__ab_advertiser_name=PEP%20Attikis&__ab_banner_id=521190906&__ab_extra_data=&sw=1600&sh=1200&spr=1
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/adserve/;ID=179386;size=300x250;setID=622092;type=js;sw=1600;sh=1200;spr=1;kw=;pid=143886;place=0;rnd=143886;click=CLICK_MACRO_PLACEHOLDER
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.159.97.6 Frankenthal, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
edd3a3883085ee1bed0760608197edfcdc77bfa78e12bae10f9bd9e1f4e28b7b

Request headers

Referer
http://185.141.195.200/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
http://185.141.195.200
cache-control
max-age=31536000
content-disposition
inline; filename=index.html
content-encoding
gzip
content-type
text/html
date
Sat, 29 Jul 2023 10:56:47 GMT
expires
Sun, 28 Jul 2024 03:56:47 PDT
server
nginx
vary
Accept-Encoding
;ID=179386;size=300x250;setID=622092;type=js;sw=1600;sh=1200;spr=1;kw=;pid=143886;place=1;rnd=143886;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
2 KB
906 B
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=179386;size=300x250;setID=622092;type=js;sw=1600;sh=1200;spr=1;kw=;pid=143886;place=1;rnd=143886;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.159.97.6 Frankenthal, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
6679c4cf8d25b71d9b0a9e509608b505e987cf4f44ee1b824b62145750936702
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type
application/javascript
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
t1.png
s0.2mdn.net/sadbundle/6208020751271044958/images/ Frame DB2C
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/images/t1.png?1687441249562
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31b16722efc21fa768473abeef8f68c7a143a38c838d355b5fd6984cfb35993b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 06:25:35 GMT
x-content-type-options
nosniff
age
16272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4896
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 06:25:35 GMT
logo_top.png
s0.2mdn.net/sadbundle/13458257475971390350/images/ Frame AD52
6 KB
6 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/13458257475971390350/images/logo_top.png?1689334741185
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b8bebfe86b60cc1099e37d75bdbf42f8a84352f35a8ccdb64633c5ade63ea9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13458257475971390350/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:57:07 GMT
x-content-type-options
nosniff
age
244780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5793
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 09:09:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jul 2024 14:57:07 GMT
;libID=3678412
servedbyadbutler.com/getad.img/
20 KB
21 KB
Image
General
Full URL
http://servedbyadbutler.com/getad.img/;libID=3678412
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
78.159.97.6 Frankenthal, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
6a179f3ccfe9ed3b8be771eb55366245c366bb5698f9987c693b8fd0f10ddf21

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 10:56:47 GMT
Last-Modified
Thu, 24 Nov 2022 22:00:19 GMT
Server
nginx
ETag
"637fe973-516d"
Content-Type
image/gif
Access-Control-Allow-Origin
http://185.141.195.200
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
Content-Disposition
inline; filename="FISIKON-paketo-300x250.gif"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20845
Expires
Sun, 28 Jul 2024 03:56:47 PDT
t2.png
s0.2mdn.net/sadbundle/6208020751271044958/images/ Frame DB2C
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/images/t2.png?1687441249562
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53fb993a40c068e1a90cd360cf4d802db5638c29ebcb1d8938196ec31742d62c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 01:19:04 GMT
x-content-type-options
nosniff
age
34663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5182
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 01:19:04 GMT
red_device.png
s0.2mdn.net/sadbundle/13458257475971390350/images/ Frame AD52
0
0

Enabler.js
s0.2mdn.net/ads/studio/ Frame B29E
0
0

index.html
servedbyadbutler.com/creative-179386-3902155/ Frame DCC0
138 KB
24 KB
Document
General
Full URL
https://servedbyadbutler.com/creative-179386-3902155/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190904%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207159792%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3Da1f50cad1397c422cbc1ea3e1d137bc5543209c0%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190904%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207159792%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3Da1f50cad1397c422cbc1ea3e1d137bc5543209c0%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190904%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207159792%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3Da1f50cad1397c422cbc1ea3e1d137bc5543209c0%26location%3D&__ab_zone_id=622092&__ab_zone_name=tomanifesto.gr_300x250_Pepattikhs&__ab_publisher_id=91849&__ab_publisher_name=tomanifesto.gr&__ab_campaign_id=785344&__ab_campaign_name=Pep%20Attikhs%20Summer&__ab_advertiser_id=184399&__ab_advertiser_name=PEP%20Attikis&__ab_banner_id=521190904&__ab_extra_data=&sw=1600&sh=1200&spr=1
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/adserve/;ID=179386;size=300x250;setID=622092;type=js;sw=1600;sh=1200;spr=1;kw=;pid=143886;place=1;rnd=143886;click=CLICK_MACRO_PLACEHOLDER
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.159.97.6 Frankenthal, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
fffc3dc4d563105885df621a4eb075480a26f067827c813c2b9db0eaf73b5cea

Request headers

Referer
http://185.141.195.200/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
http://185.141.195.200
cache-control
max-age=31536000
content-disposition
inline; filename=index.html
content-encoding
gzip
content-type
text/html
date
Sat, 29 Jul 2023 10:56:47 GMT
expires
Sun, 28 Jul 2024 03:56:47 PDT
server
nginx
vary
Accept-Encoding
fb.svg
185.141.195.200/tomanifesto/images/icons/socials/
968 B
1 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/fb.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c8501980637b40d9cecdc1a9198d5c9c6d055616e1fe8592d312e3be7199d4d8
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
419
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3c8-64c39a91-71d6ee74998d615f;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
instagram.svg
185.141.195.200/tomanifesto/images/icons/socials/
4 KB
3 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/instagram.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2b83a5db2089d8908b63cf98bdd4a6080823311229c114bedd685cd4c4659704
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
1643
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"10b1-64c39a91-b84264a233e84742;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
twitter.svg
185.141.195.200/tomanifesto/images/icons/socials/
2 KB
2 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/twitter.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b4533db70d6fb219cba7cca73a7bb547de1e6510d6b32d6745babad98963a9da
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
784
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"7f8-64c39a91-e2ca0c220108e799;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
linkedin.svg
185.141.195.200/tomanifesto/images/icons/socials/
2 KB
2 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/linkedin.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
68f3bcd5501ce9c8276572a50dd9bc2a521e2a4228ecabd6df83532807a8fb9c
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
676
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"6af-64c39a91-a3ea312d524bfaa3;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
logo.svg
185.141.195.200/tomanifesto/images/logos/
20 KB
9 KB
Image
General
Full URL
http://185.141.195.200/tomanifesto/images/logos/logo.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a5fef59428995ef5e84de81c79216b2e245d55917311c5843a042481c48a4539
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
8108
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"5066-64c39a91-29d716d859ac0ede;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
dc_oe=ChMI54u87eCzgAMVpZL9Bx2dUQOCEAAYACDE4YNd;met=1;&timestamp=1690628207198;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;
ade.googlesyndication.com/ddm/activity/ Frame F32A
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame F32A
0
0

t3.png
s0.2mdn.net/sadbundle/6208020751271044958/images/ Frame DB2C
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/images/t3.png?1687441249562
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d86696a8c678eead17fd20b390a386e6c49c1758fe5c7168d05ade5f36d6ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 09:03:00 GMT
x-content-type-options
nosniff
age
93227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4391
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 09:03:00 GMT
fb.svg
185.141.195.200/tomanifesto/images/icons/socials/
968 B
1 KB
XHR
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/fb.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/tomanifesto/js/final-app.js?id=03d66c022483c437602553dfb6370703
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c8501980637b40d9cecdc1a9198d5c9c6d055616e1fe8592d312e3be7199d4d8
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
http://185.141.195.200/
X-CSRF-TOKEN
gxaUdTd4xgWyLDri9Eo0jSXqffDmrYWMEwplHPWI
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
419
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3c8-64c39a91-71d6ee74998d615f;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
instagram.svg
185.141.195.200/tomanifesto/images/icons/socials/
4 KB
3 KB
XHR
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/instagram.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/tomanifesto/js/final-app.js?id=03d66c022483c437602553dfb6370703
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2b83a5db2089d8908b63cf98bdd4a6080823311229c114bedd685cd4c4659704
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
http://185.141.195.200/
X-CSRF-TOKEN
gxaUdTd4xgWyLDri9Eo0jSXqffDmrYWMEwplHPWI
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
1643
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"10b1-64c39a91-b84264a233e84742;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
twitter.svg
185.141.195.200/tomanifesto/images/icons/socials/
2 KB
2 KB
XHR
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/twitter.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/tomanifesto/js/final-app.js?id=03d66c022483c437602553dfb6370703
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b4533db70d6fb219cba7cca73a7bb547de1e6510d6b32d6745babad98963a9da
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
http://185.141.195.200/
X-CSRF-TOKEN
gxaUdTd4xgWyLDri9Eo0jSXqffDmrYWMEwplHPWI
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
784
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"7f8-64c39a91-e2ca0c220108e799;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
linkedin.svg
185.141.195.200/tomanifesto/images/icons/socials/
2 KB
2 KB
XHR
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/socials/linkedin.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/tomanifesto/js/final-app.js?id=03d66c022483c437602553dfb6370703
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
68f3bcd5501ce9c8276572a50dd9bc2a521e2a4228ecabd6df83532807a8fb9c
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
http://185.141.195.200/
X-CSRF-TOKEN
gxaUdTd4xgWyLDri9Eo0jSXqffDmrYWMEwplHPWI
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
676
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"6af-64c39a91-a3ea312d524bfaa3;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
caret.svg
185.141.195.200/tomanifesto/images/icons/
780 B
1 KB
XHR
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/caret.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/tomanifesto/js/final-app.js?id=03d66c022483c437602553dfb6370703
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1e41e2ff1878b14ee287db69cb6a6cfa937919ba9e665f8e78566ab7243e462a
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
http://185.141.195.200/
X-CSRF-TOKEN
gxaUdTd4xgWyLDri9Eo0jSXqffDmrYWMEwplHPWI
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
338
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"30c-64c39a91-3a3c740f42b85a1e;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
dpheart.svg
185.141.195.200/tomanifesto/images/icons/
513 B
1 KB
XHR
General
Full URL
http://185.141.195.200/tomanifesto/images/icons/dpheart.svg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/tomanifesto/js/final-app.js?id=03d66c022483c437602553dfb6370703
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1d688ba1a584d2e9ac5a1a96d4747650e3c5911df1f3e7f7fcb636d1d1463269
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
http://185.141.195.200/
X-CSRF-TOKEN
gxaUdTd4xgWyLDri9Eo0jSXqffDmrYWMEwplHPWI
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5; includeSubDomains
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
306
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 28 Jul 2023 10:38:09 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"201-64c39a91-e665278caa8bb83c;gz"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
akinita-chrysi-viza.jpg
185.141.195.200/portal-img/list_img_webp/57/
31 KB
31 KB
Image
General
Full URL
http://185.141.195.200/portal-img/list_img_webp/57/akinita-chrysi-viza.jpg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
823a477ff04462a9ab9d1e6119ee7e863e6a7385cd14dcdbedc57f73b1d6ac0e
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
x-litespeed-cache
hit
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
31296
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"108102-1690628111;;;"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, public
permissions-policy
geolocation=(self), payment=(self)
Keep-Alive
timeout=5, max=100
expires
Mon, 29 Jul 2024 13:55:11 GMT
5932257-idvxD.jpg
185.141.195.200/portal-img/list_img_webp/57/
23 KB
24 KB
Image
General
Full URL
http://185.141.195.200/portal-img/list_img_webp/57/5932257-idvxD.jpg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c1d8f83e63cf78a8dd793243c768dc01b86b5260296efed518e9d19f5e20b739
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
x-litespeed-cache
hit
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
23616
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"108103-1690628111;;;"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, public
permissions-policy
geolocation=(self), payment=(self)
Keep-Alive
timeout=5, max=100
expires
Mon, 29 Jul 2024 13:55:11 GMT
5927698.jpg
185.141.195.200/portal-img/list_img_webp/57/
35 KB
35 KB
Image
General
Full URL
http://185.141.195.200/portal-img/list_img_webp/57/5927698.jpg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ad1529c3ceaca35026159b91ea6a7d218cd48ded2dfbdcfad1b8df109c8b33db
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
x-litespeed-cache
hit
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
35544
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"108101-1690628111;;;"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, public
permissions-policy
geolocation=(self), payment=(self)
Keep-Alive
timeout=5, max=100
expires
Mon, 29 Jul 2024 13:55:11 GMT
syriza-Do1ZI.jpg
185.141.195.200/portal-img/list_img_webp/57/
13 KB
13 KB
Image
General
Full URL
http://185.141.195.200/portal-img/list_img_webp/57/syriza-Do1ZI.jpg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e055a9f15a6cc5e2488bd408dffbf00b3691d6e857c20c34eb7f4bcc70271e18
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
x-litespeed-cache
hit
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
13056
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"108109-1690628137;;;"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, public
permissions-policy
geolocation=(self), payment=(self)
Keep-Alive
timeout=5, max=100
expires
Mon, 29 Jul 2024 13:55:37 GMT
fotia-dasos-pirosvestis.jpg
185.141.195.200/portal-img/list_img_webp/58/
21 KB
22 KB
Image
General
Full URL
http://185.141.195.200/portal-img/list_img_webp/58/fotia-dasos-pirosvestis.jpg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
004507b978a5cdbd52baf0b664a6be0bb25d24d2ba8fc25d03d16908e58f92b3
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
x-litespeed-cache
hit
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
21828
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"108105-1690628137;;;"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, public
permissions-policy
geolocation=(self), payment=(self)
Keep-Alive
timeout=5, max=100
expires
Mon, 29 Jul 2024 13:55:37 GMT
5814826.jpg
185.141.195.200/portal-img/list_img_webp/57/
19 KB
19 KB
Image
General
Full URL
http://185.141.195.200/portal-img/list_img_webp/57/5814826.jpg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1e135566d092d253ab91cf580c0cc5ce00f4cc2fbb39cb7d5917a5403cc7888c
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
x-litespeed-cache
hit
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
19166
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"108116-1690628138;;;"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, public
permissions-policy
geolocation=(self), payment=(self)
Keep-Alive
timeout=5, max=100
expires
Mon, 29 Jul 2024 13:55:38 GMT
polo-andron.jpg
185.141.195.200/portal-img/list_img_webp/58/
20 KB
21 KB
Image
General
Full URL
http://185.141.195.200/portal-img/list_img_webp/58/polo-andron.jpg
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8bff1d175510f97242cf2442c5f4725051be2f9ed9a7fd15e64ec87d4a6349a1
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
x-litespeed-cache
hit
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
20900
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"108104-1690628111;;;"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, public
permissions-policy
geolocation=(self), payment=(self)
Keep-Alive
timeout=5, max=100
expires
Mon, 29 Jul 2024 13:55:11 GMT
43tgh43-removebg-preview.png
185.141.195.200/uploads/originals/53/
74 KB
75 KB
Image
General
Full URL
http://185.141.195.200/uploads/originals/53/43tgh43-removebg-preview.png
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
HTTP/1.1
Server
185.141.195.200 , United Kingdom, ASN46844 (SHARKTECH, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
887ee9ea1f65fa75f76a20e4a63d64ee24b9266b224c7bd6468207c81afbbda5
Security Headers
Name Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
strict-transport-security
max-age=5; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
Connection
Keep-Alive
content-length
75501
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 01 May 2023 10:17:47 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups;
etag
"126ed-644f91cb-f628697e44acaffb;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
access-control-allow-headers
x-requested-with
expires
Sat, 05 Aug 2023 10:56:47 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame DCC0
139 KB
48 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-179386-3902155/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190904%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207159792%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3Da1f50cad1397c422cbc1ea3e1d137bc5543209c0%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190904%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207159792%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3Da1f50cad1397c422cbc1ea3e1d137bc5543209c0%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D179386%26plid%3D2141822%26setID%3D622092%26channelID%3D0%26CID%3D785344%26banID%3D521190904%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1690628207159792%26sw%3D1600%26sh%3D1200%26spr%3D1%26referrer%3Dhttp%253A%252F%252F185.141.195.200%252F%26hc%3Da1f50cad1397c422cbc1ea3e1d137bc5543209c0%26location%3D&__ab_zone_id=622092&__ab_zone_name=tomanifesto.gr_300x250_Pepattikhs&__ab_publisher_id=91849&__ab_publisher_name=tomanifesto.gr&__ab_campaign_id=785344&__ab_campaign_name=Pep%20Attikhs%20Summer&__ab_advertiser_id=184399&__ab_advertiser_name=PEP%20Attikis&__ab_banner_id=521190904&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servedbyadbutler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48652
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Jul 2023 11:09:24 GMT
t4.png
s0.2mdn.net/sadbundle/6208020751271044958/images/ Frame DB2C
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/6208020751271044958/images/t4.png?1687441249562
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bbf1b2ee2d5ef44a4ed372351660a2ecf0fbcd675c95f75c00a73006c341735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6208020751271044958/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 19:45:43 GMT
x-content-type-options
nosniff
age
54664
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4265
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 13:19:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 19:45:43 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1555162&asId=da6f0317-3621-01e1-79cb-ed2a6d279a62&tv=%7Bc:jKJcib,pingTime:-10,time:875,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1690628206722%7C%7C4b741d0e4a7260e4c8dca18c8e495397%7C%7Cd0bbb78e6e470472c335369488825264%7C%7C5b3df07a72729822f664a66b2986686e%7C%7C261c7d8d6d3df39dacd3ccbfaff85988%7C%7C901a94f154495d8490f10e8be0dbbe6e%7C%7Ce4b98fa7d72c79c40b36061f3a581a6d%7C%7C1e2db4d1d3a3ac9b5ddeffe74f90d367%7C%7C1663701684,sca:%7Bspg:bac8b3f7-1b35-4a69-8b62-c2d06e726a60%7D%7D
Requested by
Host: 185.141.195.200
URL: http://185.141.195.200/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:8e57:d2c2:3e3a:7dc0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:47 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adServer.bs
bs.serving-sys.com/Serving/
0
259 B
XHR
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1090953640~~0~~1077974426~~2681922662125653203%5EActualSize~300x250x0x1x0000x0x0x300x250~0~01020~1107$$&usercookie=u2=a49d1a0a-67b9-4e63-abee-86b6190e4ee1&OptOut=1&rnd=0.1923271091295211&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-210.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:47 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
http://185.141.195.200
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/
0
259 B
XHR
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1090953640~~0~~1077974426~~2681922662125653203%5EAdParams~ifr%3D0%26loc%3D1198x1055%26size%3D300x250%26cb%3D0%26env%3D0%26vsbp%3D1%26bi%3D-1%26idx%3D1~0~01020~1108$$&usercookie=u2=a49d1a0a-67b9-4e63-abee-86b6190e4ee1&OptOut=1&rnd=0.18618696101398013&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-210.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:47 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
http://185.141.195.200
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2897426462420411&plah=185.141.195.200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
521ae4528f5032eef0ee24f1f19956b29ea495a6124c856a35c4875985b06ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11770
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2897426462420411&plah=185.141.195.200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Jul 2023 10:56:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E7A5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://185.141.195.200/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
88299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Jul 2023 10:25:08 GMT
expires
Sat, 27 Jul 2024 10:25:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6867
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
81e0a82c2f923b2fe909ab509911a35778b4eb3e1c8031f07964a50921d8c53a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wBUbrC3c8FlwQHBXg3pKWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://185.141.195.200/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-wBUbrC3c8FlwQHBXg3pKWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 10:56:47 GMT
expires
Sat, 29 Jul 2023 10:56:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
pagead2.googlesyndication.com/bg/ Frame E7A5
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 07:27:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
98964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14592
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Jul 2024 07:27:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6867
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=3576276964665481&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame E7A5
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?JN62Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:56:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=3576276964665481&bg=!TU6lThrNAAZGOVy5Zjk7ADkAdvg8WmkJhljNzYWa2Qvlv7ddHNNPFRF09HmpQgu1viDMLCLTyCkJ-6Gq5EI63iyZW8cFFpeeh5ACAAAAU1IAAAAHaAEHmQKuvHL-vKwR5oIIOTFSjB5c8MSVrbcfHY8ChHJ_5GPiOR2O1qCk1E-OBKqRRx2wIQViZAo_OSMpWxeLviB9HuSiQ420Jtx-mfQaLFic8vCyGswI_PxDT9iqs-Z9_R2tdL_BGcmP935Khn0nAiKo6XVxy-Lz1mXvgEMCS7UQuPmgi_w2K7hmewzd-qWzD76v4rz-MNpICVL4xs-tEiKvdXYuV1z24csJKLsIog6SesPQZpJfZI1e3KbajVRzh4fQxSWVbMaLfPMt94Fe3xCtCpIHfm3bZRL8lX_eg_O98YbuAOMKZ2HlnG46WzbwaiHxJAVJg1DuHYGgWk-NHGzJxwnqIs1YKz22qVaKB-73Wyufo0B3HQy5IPORcxDxp8916pPdVkT3YXQCiVkLG_O3hSSM6ge9r0nQXoBOx9_w9X4gbSRs0MieF0Uo_Hw7_YaXpNanH_YnKBuPEmMRB7CTEDxmVrXQMTj5aUV7FVDXfeC7AlNYBriE5WeTOX-_oelUhKa_bTGA88Wv6xnA5fA2cRlJ5uYUVl8fXw0IyZ2MNbU0zTG0hxk9eGH-dilfmJ95gnpmFVxe6jFrRf_A22KYLCWQ8D92KHGBOKB4v0ezRJE7htDG4aBCob2Ofgc9rS0cc9YueosKKHxWiX8IHEZiE5qxkdAQguvRnmgpCyWNwg_AoycQtrgWgMMSHuhaHaIkri8v9LFJmyx0VUchBIT8_by76YBlTF0XAs8_nRGpVnmXPZGx5Scybjrf93SM9m_eld3j_QrtDHJzOciU50raXnzuF9bq60xFiE2RS1SDiL7ZnpE31E3_F9alglzzzkRP9ZQRC_zo6bsvfvx3W4ronNcZ-jAwJN-47vO_X5eXksqsLJiwcuyVfWuJPX8zt4-b6W_tMY9f5AwtJcQfAAJliMM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1555162&asId=bac8b3f7-1b35-4a69-8b62-c2d06e726a60&tv=%7Bc:jKJczC,time:2156,type:e,env:%7Bnr_p:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2156,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2152~0%5D,as:%5B2152~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:186,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:0,renddet:na,siq:18,sis:193%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:8e57:d2c2:3e3a:7dc0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:48 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1555162&asId=da6f0317-3621-01e1-79cb-ed2a6d279a62&tv=%7Bc:jKJczH,time:1961,type:e,env:%7Bnr_p:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1961,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:5,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1198.3207.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1960~0%5D,as:%5B1960~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:122,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13%7C14,idMap:1*,rmeas:1,rend:0,renddet:na,siq:6,sis:411%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:8e57:d2c2:3e3a:7dc0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:48 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adServer.bs
bs.serving-sys.com/Serving/
0
259 B
Ping
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&int=1090953640~~0~~1077974426~~2681922662125653203^VsIAB~0~0~01020~2093&usercookie=u2=a49d1a0a-67b9-4e63-abee-86b6190e4ee1&OptOut=1&rnd=0.7301508870240483&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.210 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-210.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://185.141.195.200/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 10:56:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
http://185.141.195.200
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
int
lm.serving-sys.com/lm/
0
180 B
XHR
General
Full URL
https://lm.serving-sys.com/lm/int
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.163.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-163-89.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
http://185.141.195.200
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
int
lm.serving-sys.com/lm/
0
180 B
XHR
General
Full URL
https://lm.serving-sys.com/lm/int
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.163.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-163-89.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://185.141.195.200/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
http://185.141.195.200
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
dt
dt.adsafeprotected.com/
0
0

dt
dt.adsafeprotected.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/13458257475971390350/images/red_device.png?1689334741185
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/ads/studio/Enabler.js
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI54u87eCzgAMVpZL9Bx2dUQOCEAAYACDE4YNd;met=1;&timestamp=1690628207198;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVRk2uNV1aOG1gB0CTxGiDkDEFS6kkY2ON-yImPQGdTtfwQP5ahPKTtsoCrrvBkWoEQkve053Ak-EtF5MRpgw&sig=Cg0ArKJSzBJXstBGZqLvEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=34&adk=3864562868&rs=6&la=0&cr=0&vs=3&r=b&rst=1690628206173&rpt=639&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1555162&asId=bac8b3f7-1b35-4a69-8b62-c2d06e726a60&tv=%7Bc:jKJdCg,time:6164,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:6164,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B6160~0%5D,as:%5B6160~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:120,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:0,renddet:na,siq:18,sis:193%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1555162&asId=da6f0317-3621-01e1-79cb-ed2a6d279a62&tv=%7Bc:jKJdCl,time:5969,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5969,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:5,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1198.3207.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5968~0%5D,as:%5B5968~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:119,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13%7C14,idMap:1*,rmeas:1,rend:0,renddet:na,siq:6,sis:411%7D&br=c

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| lastCheck function| caffeineSendDrip boolean| detectBots object| dataLayer function| gtag object| targettingValues number| timeBS string| ebPtcl string| ebBigS string| ebResourcePath string| ebNSRP string| sHost number| ebPi number| ebNxt boolean| dmg number| placementId boolean| asc number| ebInStrm function| ebAC function| ebTokens function| ebReport object| a undefined| url object| nav string| ua undefined| standalone function| isGlobalDefined object| x string| templateName object| ebDCAry string| ebDCLoc object| ebVScript function| ebLoadVersions number| ebAdID number| ebPli string| ebTN number| ebDSGID string| ebRand function| ebDecode string| gEbUT object| ebO object| AdConfig_1090953640 object| ebOArr object| szmk boolean| ebAdCS boolean| ebIfrm string| s object| dcmads object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager object| google_tag_data object| googDdmPs object| ampInaboxIframes object| ampInaboxPendingMessages string| GoogleAnalyticsObject function| ga function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope boolean| isDomless object| __IASOmidVerificationClient function| __IntegralASAdPush function| __IntegralASEventLoadHandler_bac8b3f71b354a698b62c2d06e726a60 object| vData object| googletag object| gaGlobal object| $jscomp function| $jscomp$lookupPolyfilledValue object| EBGInfra function| EBGUUID function| EBGTimeline object| currentResponse undefined| vizClone undefined| newEbSrc undefined| newScript undefined| target 
undefined| sub object| EBG object| ebAds function| doIfAccessible object| newEvent object| szmkSession number| val function| CookieScript object| gaplugins object| gaData function| __IntegralASEventLoadHandler_da6f0317362101e179cbed2a6d279a62 function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| AdButler string| abkw number| plc481379 object| AdmanQueue number| rnd number| pid622092 number| plc622092 string| absrc object| webpackAdmanV2 function| htmlParser function| postscribe function| _getBody function| _getScrollTop function| _getScrollLeft function| _getWidth function| _getHeight function| _getScrollWidth function| _getScrollHeight string| _br number| _brV object| regeneratorRuntime boolean| _isFramed function| isSameOrigin object| Adman boolean| _admanIsListening object| _admanWsByUID object| webpackChunk object| Alpine function| JQuery function| jQuery function| $ object| iziToast object| lightGallery object| Swiper object| routesObj function| lazyload function| LazyLoad object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
185.141.195.200/ Name: manifestobarbio
Value: eyJpdiI6IkRJdUcyd1BRY3NLR1NnTG1OQ2hkb1E9PSIsInZhbHVlIjoiNHpjUmRpY0hLSDRWNXFTczlnSHhidEdVY21mdUMxSExvOExudXl5MmxFcVFScTBudWg3bld0R2NHS1EwZG9DLzh5S2hRTit6ZnN3ZXcxbzZUTmNuT0Z0NDhUcVh0K2cremlCR1BER0hHUTB1bTBKRUNUQjlVa0JUMnFFekhWM1YiLCJtYWMiOiJiZjdiOWRlNWU5MmZmZjhjNmE2MDhlZTQ1ZWU1MDUyZGYzNWZkZmJjNzU1MTVhMGNiYTQ0NTc2OTdmYTNlZTE2IiwidGFnIjoiIn0%3D
.doubleclick.net/ Name: APC
Value: Aa3gxNoXHu_Xl5wb8DyofOA9-2tNZdRpvYDuXbnp8pMtuPQM1O1QQA
.doubleclick.net/ Name: IDE
Value: AHWqTUnAY4VMO5fqReIaJPU-hyqBFCQCWEcZuSYvPB7ZzW5eX-fTUqYrK01Xp4p4hW0

16 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/dcm/dcmads.js(Line 31)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v96.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 89)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://fw.adsafeprotected.com/rjss/track.adform.net/1555162/72607590/adfscript/?bn=66210563(Line 926)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://fw.adsafeprotected.com/rfw/track.adform.net/1555162/72607590/adfscript/?bn=66210563&adsafe_url=http%3A%2F%2F185.141.195.200%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:bac8b3f7-1b35-4a69-8b62-c2d06e726a60,c:jKJc17,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-7bdf49c444-bhdxd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tLozF0g+1*.1555162-72607590%7C11%7C12%7C13,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:18,oid:9c2c83a4-2dfe-11ee-9f93-4a068d711491,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://fw.adsafeprotected.com/rjss/track.adform.net/1555162/72607590/adfscript/?bn=66210563(Line 926)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://fw.adsafeprotected.com/rfw/track.adform.net/1555162/72607590/adfscript/?bn=66210563&adsafe_url=http%3A%2F%2F185.141.195.200%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:da6f0317-3621-01e1-79cb-ed2a6d279a62,c:jKJc49,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-7bdf49c444-bhdxd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:0,mot:0,app:0,maw:0,fm:tLozF3u+1*.1555162-72607590%7C11%7C12%7C13%7C14,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:6,oid:9c2c83a4-2dfe-11ee-9f93-4a068d711491,v:19.8.434,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2897426462420411&output=html&adk=1812271804&adf=3025194257&lmt=1690628206&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2F185.141.195.200%2F&ea=0&pra=5&wgl=1&dt=1690628206130&bpp=4&bdt=498&idt=317&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1856380323681&frm=20&pv=2&ga_vid=867471191.1690628206&ga_sid=1690628206&ga_hid=191524434&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076340%2C31076343%2C31076446%2C31076509%2C44788441%2C21065725%2C44797784&oid=2&pvsid=3576276964665481&tmod=1318348193&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=332
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: http://185.141.195.200/(Line 1520)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://servedbyadbutler.com/adserve/;ID=179386;size=300x250;setID=622092;type=js;sw=1600;sh=1200;spr=1;kw=;pid=143886;place=0;rnd=143886;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://185.141.195.200/(Line 1613)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://servedbyadbutler.com/adserve/;ID=179386;size=300x250;setID=622092;type=js;sw=1600;sh=1200;spr=1;kw=;pid=143886;place=1;rnd=143886;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=5; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
